11-17-2015 09:09 AM
Good Morning Everyone,
I've been trying to work through some issues with using Clearpass as a Radius Server for our Cisco Anyconnect login. I initially noticed an issue when the anyconnect client seems to freeze after the login attempt (pauses for 15-20 seconds) before establishing the remote vpn.
What I see on the clearpass side is 3 authentication attempts (with the correct username and password typed once), first is a failed attempt the second is a successful one and then the last is a failed attempt.
The user is allowed access after the 3rd - failed attempt. I attached the service snapshot, the access tracker snapshot, and the access attempt details.
12-26-2015 03:05 AM
always tricky to troubleshoot with limited information but i see two things that could use investigation.
1) the failed attempt says AD timeout (or something like that). so it might be your AD environment is very busy or sometimes unreachable from the CPPM, there is high latency, or perhaps it is rate limiting the ammount of requests from the CPPM. i would focus on that if all failed attempts are with that timeout.
2) you seem to have included about all auth methods. cant imagine this causing an issue but i would trim it down to what you need. that appeared to be PAP, but double check that.