ISE - AD 802.1x Authentication Failure (All of the sudden) - Page 2

jacovr · ‎07-25-2014

I have a WLC using ISE to authenticate through AD. (No certificates - only username & password)

ISE is single node deployment.

Its been running fine for the past 6 months, but all of a sudden I get the following errors:

Failure Reason: 12953 Received EAP packet from the middle of conversation that contains a session on this PSN that does not exist

Resolution: Verify known NAD issues and published bugs. Verify NAD configuration. Turn debug log on DEBUG level to troubleshoot the problem.

Root cause: Session was not found on this PSN. Possible unexpected NAD behaviour. Session belongs to this PSN according to hostname but may has already been reaped by timeout. This packet arrived too late.

Any Ideas why this would happen ?

Saurav Lodh · ‎07-29-2014

The node was not joined to the domain which caused the error.

jacovr · ‎07-30-2014

Salodh.

as stated. It was working fine for 6 months (hence it WAS joined to the domain).

It suddenly stopped working. and after I rebooted, it started working again.

Jaco

alicato43 · ‎03-16-2015

im recevieing this error message also

Failure Reason: 12953 Received EAP packet from the middle of conversation that contains a session on this PSN that does not exist

Resolution: Verify known NAD issues and published bugs. Verify NAD configuration. Turn debug log on DEBUG level to troubleshoot the problem.

Root cause: Session was not found on this PSN. Possible unexpected NAD behaviour. Session belongs to this PSN according to hostname but may has already been reaped by timeout. This packet arrived too late.

but im running ISE 1.3 with patch 1 only noticed this after the upgrade.

nad is a 3560v2-24ps-s running c3560-ipservicesk9-mz.122-55.SE10.bin

any ideas anyone?