After setting up ACS and using the CTA w/ Wired Supplicant for the RADIUS authentication i have hit a brick wall. It takes about 2 -3 minutes for the computer to log in. Once in windows i can disconnect and reconnect the supplicant and everything will work almost instantly, it is only on log on that is the problem.
I am using ACS 3.3 with Cisco 3560 switches.
From the CTA log files i get the following:
10/13/2006 14:04:21.244 [1076.1600] 76 I CN<18> AD<00e018b44686> Connection Authentication Success.
10/13/2006 14:04:21.260 [1076. 204] 78 I CN<18> AD<00e018b44686> Connection IP Address Received: Address: 10.105.1.3.
10/13/2006 14:07:16.426 [1076.1600] 29 I CN<18> AD<00e018b44686> Port State Machine transition to AC_PORT_STATE_REAUTHENTICATING(AC_PORT_STATUS_8021x_ACQUIRED)
10/13/2006 14:07:16.426 [1076.1600] 109 I CN<18> AD<00e018b44686> Connection Authentication Started in user context.
10/13/2006 14:07:16.473 [1076. 468] 24 I CN<18> AD<00e018b44686> Identity requested.
10/13/2006 14:07:16.473 [1076.1600] 25 I CN<18> AD<00e018b44686> Identity sent.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...