cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
625
Views
0
Helpful
2
Replies

Anyconnect 3.1.11004 - NAM - wrong credentials

mukka
Level 1
Level 1

I am trying to deploy the EAP chain authentication with user and machine certificate. 

User credentials are ok, but the machine credentials are wrong.

 

NAM - Editor - Anyconnect configuration:

    Machine credential:

    Protected Identity Pattern: host/[username].[domain]

 

    ISE has used the right credetials for authenticantion:

       host/machine_name.domain

    But during the authorization, I can see the ISE server using the wrong informations: 

       host/domain

 

anyone already faced it ?

 

thanks,

Murilo

2 Replies 2

Do you have Anyconnect attempting to establish the connection before the user logs in? If so, I believe there would be no username associated so the machine would attempt to log in with it's own machine account instead of waiting for the user login.

Hi Robert,

I tried to configure the machine authentication with EAP_TLS and it works. 

         I can see host/machinename.domain

 

When I tried the authentication with EAP_CHAIN (tunnel EAP Fast + Authentication EAP_TLS) it is not working properly.

      1. I have the authetication success. User and Machine credetials OK

 

      2. In the authorization, user is ok too, but the machine credential is wrong. 

      I expected host/machinename.domain. But the machine credentials comes as host/domain

 

thanks,

Murilo

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: