I am involved in rolling out about 40 Wi-Fi networks using Cisco 3602/2802 APs and Cisco 5508 ISE. Our network offers a 2-step authentication with user and machine certificates, as well as users needing to be in the correct AD groups.
The problem we have is that some machines (even with all the correct certificates and creds) connect to the WLAN only intermittently, whilst newer laptops connect with few problems. From experimenting, it looks like the order of authentication is part of the reason.
If a laptop is started from cold, then the first thing that happens is machine authentication. The user then logs onto the network, and then they can often connect to the SSID OK. If they start with a machine in hibernation, then mostly they are unable to connect to the WLAN. Once failed, there are then issues with '5434 Endpoint conducted several failed authentications of the same scenario'.
I have attached redacted authorization policies and authentication policies. Has anybody else come across this problem? I have just recently enabled the 'Enable EAP TLS session Resume' to see if this helps. I really am an amateur at this and would welcome any advice from the experts in here. Thanks in advance.