08-19-2014 12:08 AM - edited 03-10-2019 09:57 PM
Domain Computer authentication (SSL/TLS not checked in computers) is being used in a network. Microsoft Windows 7 is the operating system of clients. In Cisco ISE SSL/TLS failure messages are noticed:
"PEAP failed SSL/TLS handshake because the client rejected the ISE local-certificate" Funny thing is no SSL/TLS is active in the network. How is this possible?
08-19-2014 04:05 AM
08-19-2014 05:03 AM
Actually I've already checked this post. However, the client computer is not configured to validate server certificate.
08-21-2014 09:09 AM
Can you post screenshots of the supplicant's configuration?
08-21-2014 03:13 PM
I have intermittently had this issue with ISE in most builds for the better part of a year or so. SOme days everyting is fine other days this occurs for hosts even when validate is not ticked. Tell me about the server certificate on the ISE policy node - is it a wildcard certificate?
08-21-2014 03:51 PM
what kind of Certificate ISE is using? self signed or 3rd party? I will suggest you to generate the ISE's Local certificate again.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: