Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ISE 1.2 EAP Chaining and Windows 8 - Auth failures

Hi All,

I've got a couple sites that appear to have issues with EAP chaining, ISE 1.2 and Anyconnect client on windows 8 enterprise.

Basically the windows 8 machines authenticate intermittently and randomly but largely fail auth. 

Often the client will work perfectly for a boot even after a few reboots etc and then might stop working.  Other clients won't work at all no mater what settings you configure.

Outer Method - EAP-FASTv2

Inner Method - MSChapV2

ISE 1.2 with Patch 1 (latest)

Windows 8 Enterprise - with patch http://support.microsoft.com/kb/2743127

Anyconnect Client  3.1.0466 (latest)

Machine and User Auth Against AD.

Cert checks disabled for testing.

Clients using same configuration.xml file

Symptom is Anyconnect prompts for username / password instead of using existing credentials.  Typing credentials doesn't work.

Logs show failed "anonymous" authentications or client EAP timeouts.

Cheers

Peter.

2 REPLIES
Community Member

ISE 1.2 EAP Chaining and Windows 8 - Auth failures

Hi Peter,

It sounds like the Inner Method is not being negotitated properly so its only reading the Outer Method which by default is set to show "Anonymous" in AnyConnect Profiles.

Is it possible to upload a PDF version or copy paste the output of the failure from ISE's perspective?

Kind Regards,

Vlad

Community Member

ISE 1.2 EAP Chaining and Windows 8 - Auth failures

Hi,

I am facing same issue when I use EAP-chaining with win7 client PC. I am following Cisco's document. It works occassionaly. But fail mostly showing anonymous user. Please help me on this.

536
Views
0
Helpful
2
Replies
CreatePlease to create content