Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2226
Views
0
Helpful
2
Replies

CISCO ISE - Help with Radius Auth : Max session failed, but no session really in use ??? + AD Group different rights

Charly
Level 1
Level 1

‎06-19-2018 06:43 AM - edited ‎03-08-2019 03:24 PM

Hi,

We use Cisco ISE v2.3.0.298 Patch.3. / ISE-VM-K9 With 2 WLC 2504

Some users complain about not bein able to connect...

In the Live logs, we can see that the message says :22089 New user session not permitted. Max sessions user limit has been reached

We configured ISE to 1 connexion only, but in fact, no other session is present in the logs... ???

At the end, it says : 15039 Rejected per authorization profile

But username is not already in use...

Let's note that we have been sollicited on this issue after a ISE VM moved from one ESX to another... Can that be the problem ?

Is that a known Bug ?

 

Another think :

Our VIP population can have 2 or more Enpoints to connect at the same time on this WIFI.

We want only users from AD_VIP Activ dir group to use more than 1 Enpoint at the same time.

So I created a new User-Identity-Group named "Employee-MultiEndpoints", and mached the AD_VIP  Active-Directory Group in External-ID-Sources...

Then, I don't know how to correlate both groups... Am I going the wrong way ?

 

Thank you for your help !

Charly.

1 person had this problem
Labels:
0 Helpful
2 Replies 2

mohammed01701
Level 1
Level 1

‎06-19-2018 08:59 AM - edited ‎06-19-2018 09:00 AM

Hi!

 

Are you sure you are not only allowing on session at time, there is setting that you can allow unlimited sessions see the Link:

 

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/204463-Configure-Maximum-Concurrent-User-Sessio.html

 

/Mohammed

0 Helpful

PedroDias1994
Level 1
Level 1

‎08-01-2019 05:01 AM - edited ‎08-01-2019 05:02 AM

Hi,

Have you found any solution for this?

Thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card