11-03-2014 01:16 AM - edited 07-05-2021 01:51 AM
Hi all,
I upgraded from ISE 1.2 patch 6 to 1.2 patch 12 to fix an ISE portal bug over the weekend.
None of my Guest Wireless users are complaining, authentication is working fine. But the below error is appearing for every Guest user session under ISE/Operations/Live Authentications.
"5441 Endpoint started new session while the packet of previous session is being processed. Dropping new session"
Is anyone aware of a bug possibly and I guess you need to upgrade to 1.3.x
I would've thought Cisco would bring out a fix for this in 1.2.x....maybe patch 13 (new bug?)
Any info out there about 5441 before I log a TAC?????
Thanks.
11-03-2014 02:10 AM
11-03-2014 02:24 AM
I can't view details of bug CSCuh86885 via the Cisco bug search tool. Can you please paste all the info in this thread for me.
Thanks
11-04-2014 05:55 AM
We have same problem - After upgrade of Cisco ISE to 1.2 patch 12 (previous was patch 9) this message started to appear....
Our scenario - LAN 802.1x - authentication FAST with eap chaining..
Machine authentication via certificate - no error message appears
User authentication (chaining) -
two messages appears -
5413 RADIUS Accounting-Request dropped
5441 Endpoint started new session while the packet of previous session is being processed. Dropping new session.
We have rolled back to patch 11 - and everything looks fine (no error message)
There is something wrong with the patch 12. – it looks that only user authentication is affected
see in the attachment....
11-13-2014 05:00 AM
Having the same issue here on Patch 12 after applying fix patch
Dashboard and client counts are all going down and becoming inaccurate.
WLAN and LAN with 802.1x
Event | 5413 RADIUS Accounting-Request dropped |
Failure Reason | 5441 Endpoint started new session while the packet of previous session is being processed. Dropping new session. |
We had applied this patch to get current with the BASH vulnerability.
Please post the contents of the bug listed above.
Thanks,
Chris
11-13-2014 05:47 AM
I received an email from Sac Support @Cisco not long after I posted this discussion, Cisco are investigating the issue at the moment, I've asked for an update.
If no response I'll log a TAC and update this thread when I find out more......I'm hoping for patch 13 soon!
11-13-2014 05:58 AM
I have opened a TAC case. Right now, as you said, Cisco investigate my logs from switch and ISE. We will see...
11-19-2014 12:46 AM
I got a confirmation from Cisco TAC. We are hitting the Bug ID CSCur35455 in our deployment. Bug description is not customer visible yet. Based on the Cisco, this bug is quite "Deployment specific" and other ISE deployments does not have the same issue. Fix will be released in patch 13.
11-19-2014 01:40 AM
sounds like we might have to wait till next year...at least Cisco have identified the bug
12-09-2014 12:54 PM
FYI -I have upgraded to ISE 1.3 and am still getting these errors. Any new info?
thx
02-23-2015 08:04 AM
HI - I have Cisco ISE running on version 1.3 and getting errors for 5440 with endpoint initiates a new session. Can anyone please confirm that this is just a cosmetic bug and not affecting authentications?
Thanks,
Sandeep
11-13-2014 06:40 AM
Hello,
Regarding:
CSCuh86885 No event for failure reasons 5440/5441: Endpoint started a new session.
This bug is basically cosmetic. This means there is no event associated when error 5440 / 5441 are triggered, but that has nothing to do with why those error are triggered.
I am working on a TAC case with Tomas. I or He will post the result once we come to any conclusion.
11-14-2014 10:09 AM
Any updates? I am not so sure it is cosmetic. I have clients failing to make it through the flow. I am seeing the following on these clients requests:
It would appear that because the accounting data doesn't get back it, there is confusion that the session doesn't exist and the auth fails.
Event | 5400 Authentication failed |
Failure Reason | 12953 Received EAP packet from the middle of conversation that contains a session on this PSN that does not exist |
Resolution | Verify known NAD issues and published bugs. Verify NAD configuration. Turn debug log on DEBUG level to troubleshoot the problem. |
Root cause | Session was not found on this PSN. Possible unexpected NAD behavior. Session belongs to this PSN according to hostname but may has already been reaped by timeout. This packet arrived too late. |
12-30-2014 02:29 AM
Cisco has released patch 13 for ISE 1.2. And the problem was solved. One point - every node in cluster (or standalone) rebooted after patch was applied. This is quite change, because previous patches for ISE 1.2 only disable/enable services.
01-02-2015 08:50 AM
Hi cisartomas, thanks for updating us.
One thing Cisco identified this bug as CSCuh86885 (as in this thread Bistein Migette who I have dealt with in previous TAC calls).
I'm looking through the latest release notes updated 23rd December under 1.2 resolved caveats I can't see big fix for CSCuh86885?
Can you let me know where this fix is listed under the latest release notes....maybe CSCur35455?
thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide