Has anyone seen any problems with single sign on dot1x and XP after service pack 3?
Specifically, here at HPU we're seeing SP3 users can't login immediately after they get to the "ctrl-alt-delete" screen and after a computer goes to sleep it doesn't reauthenticate at all.
For the authentication server, we're using the IAS radius server in 2008. Our own windows cert server and below, is our standard dot1x port config. Also this is happening across all our switches 3560 and 3550.
We're using PEAP + MSchap V2
aaa authentication dot1x default group radius
aaa authorization network default group radius
dot1x guest-vlan supplicant
switchport access vlan 225
switchport mode access
switchport voice vlan 100
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
srr-queue bandwidth share 10 20 40 80
srr-queue bandwidth shape 0 0 0 0
auto qos voip cisco-phone
dot1x pae authenticator
dot1x port-control auto
dot1x violation-mode protect
dot1x timeout reauth-period 300
storm-control broadcast level 50.00 25.00
storm-control multicast level 50.00 25.00
macro description cisco-phone
spanning-tree bpduguard enable