Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
255
Views
5
Helpful
1
Replies

ISE 2.0 802.1x Windows Client Authentication Issue

chatataridge
Level 1
Level 1

‎03-15-2016 09:03 AM - edited ‎03-10-2019 11:34 PM

We are installing a green field ISE 2.0 sp2 solution for wireless endpoints, one 802.1x corporate SSID and two guest portals. The WLC's are 5520's running code 8.1.131 Everything seems to be working as designed, until a windows user attempts to log into the 802.1x SSID and there are no windows credentials cached on the laptop for that user.  Once the machine authenticates, the airspace ACL that is on the WLC allows traffic to DNS, DHCP, ISE and DC.  I can see the machine authenticate in ISE, the proper ACL is pushed to the WLC, the WLC shows the session and correct ACL, the user authentication attempt is not seen by ISE, then the Windows laptop barks that it can not find a Domain Controller to authenticate against.

I am not sure where to begin to troubleshoot this.  Thank you.

Labels:
0 Helpful
1 Reply 1

chatataridge
Level 1
Level 1

‎03-18-2016 01:06 PM

The issue was the Airspace ACL not allowing access to all the DC's in the customer environment.  

Customers Also Viewed These Support Documents