Guest

Preview Tool

Cisco Bug: CSCvs03810 - ISE doesn't display the correct user in RADIUS reports if the user was entered differently twice

Last Modified

Sep 26, 2020

Products (1)

  • Cisco Identity Services Engine

Known Affected Releases

2.4(0.910)

Description (partial)

Symptom:
if the username was changed after the first authentication attempt under the TLS tunnel, this change will not be reflected on ISE reports.

example :

 1.  The supplicant sends Inner Method EAP Identity = X1
  2.  The supplicant sends Inner EAP-MSCHAPv2 Username = X1
  3.  Authentication attempt failed due to X1 is incorrect username, ISE suggests retry
  4.  The supplicant sends Inner EAP-MSCHAPv2 Username = X2
  5.  Authentication passed due to X2 is correct username
  6.  ISE uses EAP Identity X1 to represent user name in audit log

Conditions:
username entered incorrectly the first time, then when ISE asks for a retry user enters the correct username
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.