Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

ACS 5.3 machine authentication error

i have this error

5411 EAP session timed out

11500 Invalid or unexpected EAP payload received.

when the user power on his machine and the IP phone is already up , i get these errors , the solution of them to diconnect the cable and reconnect the cable again , but this solution is annoying the customer

so kindly advise

4 REPLIES

ACS 5.3 machine authentication error

Hello. Please be more specific.

What is your switch configuration ? I'm assuming you're only using Windows XP and Windows 7,  what EAP are you using in your windows ?

Also I guess your Windows PC is behing the ip phones. Are Cisco IP Phones? or other brand?  are you authentication your IP Phones with MAB, EAP-TLS or EAP-MD5 ?

Kind regards

Community Member

ACS 5.3 machine authentication error

switch configuration is

aaa new-model

aaa authentication login default local

aaa authentication dot1x default group radius

aaa authorization exec default local

aaa authorization network default group radius

aaa accounting dot1x default start-stop group radius

aaa accounting network default start-stop group radius

aaa accounting system default start-stop group radius

!

dot1x system-auth-control

dot1x critical eapol

ip radius source-interface Vlanxx

radius-server host y.y.y.y key xxxxxxxxxxxxx

interfa config

sh

no  switchport access vlan 4

dot1x pae authenticator

dot1x port-control auto

dot1x host-mode multi-host

dot1x timeout quiet-period 3

dot1x timeout server-timeout 15

dot1x timeout tx-period 15

dot1x guest-vlan 17

dot1x critical vlan 104

no sh

exit

this error with windows 7 and Xp with peap

the ip phone is not authenticated

Community Member

ACS 5.3 machine authentication error

Hello,

I've the same problem. Any solution for this issues?

Thanks,

Gandhi

Cisco Employee

ACS 5.3 machine authentication error

What is the MAR cache timeout configured on ACS. Are end users shutdown their machines at the end of the day or reboot or log off / login after a specified amount of time.

Please share more info about ACS and switch side config.

Jatin Katyal

- Do rate helpful posts -

~Jatin Katyal
1245
Views
0
Helpful
4
Replies
CreatePlease to create content