Not sure, if it similar issue but I have come across issue where Ip phones keep trying authentication and in CPPM we are seeing continous timeouts in access tracker.
Issue got fixed after increasing the settings
On the switch,changed the following port settings:
aaa port-access authenticator
aaa port-access authenticator quiet-period 30
aaa port-access authenticator tx-period 10
aaa port-access authenticator max-requests 3
aaa port-access authenticator logoff-period 862400
aaa port-access authenticator client-limit 3
to:
aaa port-access authenticator 1/11 quiet-period 60 à default value
aaa port-access authenticator 1/11 tx-period 30 -> default value
aaa port-access authenticator 1/11 max-requests 2 -> default value
aaa port-access authenticator 1/11 client-limit 32
After the restarts, all IP Phones are connected and authenticated using EAP-TLS. No timeouts occurred since.