I am having a problem with PCs on my wireless network that are failing to authenticate on 802.1X EAP-FAST. My timers are currently
Identity Request Timeout (in secs) .......15
Identity request Max Retries..................12
Dynamic WEP Key Index.........................0
Request Timeout (in secs)......................60
Request Max Retries................................5
Max-Login Ignore Identity Response........enable
EAPOL-Key Timeout (in milliSeconds)......3000
EAPOL-Key Max Retries...........................4
EAP-Broadcast Key Interval(in secs)........3600
My environment
WLC 8.10.171.1 (radius points to a VIP on an A10)
ISE - 2.7.0.356 (load balanced by an A10)
DNS-Bluecat - 9.3.0
PCs are running anyconnect version 3.9 or 3.10
ISE live logs for the failed PCs show the generic message "5440 Endpoint abandoned EAP session and started new"
For my environment, are there any I should make to the EAP timers?