locked
802.1x Authentication Problems - The PC's After put the username and password occurs the error " There are no logon servers available to service the logon request " RRS feed

  • Question

  • Hello everybody!

    We are having some problems here in my office after a 802.1x implementation.

    There is our setup:

    Cisco ISE 2.2 version

    Windows Server 2012

    End user machines with Win 10, 8 and 7.

    So, the problems start's when some end users machines starts to give us this error affter when we try to log in the Windows:

    "There are no logon servers available to service the logon request "

    We are using EAP-PEAP with the cisco ISE. This is a strange kind of problem, because sometimes the same machine works well, but after a user made de logoff and other user wants to try to use the same machine, the problems starts to appear. Sometimes, after some minutes the PC start's to answer the EAP switch requests and starts the comunication with the Cisco ISE.

    The problem occurs with windows 10, 8 and 7 OS's.

    We already try open a TAC with Cisco and they tell us that it seens a problem with a Operational system.

    Above, some logs of one of our end users pc's.

    After some attemps, the end users starts to answer the switch for start the comunication with the Cisco ISE

    3             2017-06-20 14:56:14.238130       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    10           2017-06-20 14:56:24.515473       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    17           2017-06-20 14:56:34.806629       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    22           2017-06-20 14:57:21.134357       HewlettP_0c:3f:02           Nearest EAPOL   19           Start

    24           2017-06-20 14:57:21.143090       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    114        2017-06-20 14:57:31.427023       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    137        2017-06-20 14:57:41.713613       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    166        2017-06-20 14:57:52.009953       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Failure

    168        2017-06-20 14:57:52.221115       CiscoInc_89:9b:85            Nearest EAP        60           Request, Identity

    174        2017-06-20 14:58:02.507756       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    176        2017-06-20 14:58:12.794231       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    180        2017-06-20 14:58:25.553836       HewlettP_0c:3f:02           Nearest EAP        34           Response, Identity

    181        2017-06-20 14:58:25.571353       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Identity

    182        2017-06-20 14:58:25.571773       HewlettP_0c:3f:02           Nearest EAP        34           Response, Identity

    183        2017-06-20 14:58:25.592516       CiscoInc_89:9b:85            HewlettP_0c:3f:02           EAP        60               Request, Protected EAP (EAP-PEAP)

    184        2017-06-20 14:58:25.637677       HewlettP_0c:3f:02           Nearest TLSv1.2 202        Client Hello

    Any solutions or some north for resolve this issue?

    Thanks all for the help

    Monday, July 10, 2017 4:35 PM

All replies

  • Hi,

    Has this computer been joined to a domain at any point? Usually you get that message when trying to log in with a domain account but there are no domain controllers present to authenticate your credentials (and nothing cached locally). If you aren't on a domain you need to log in as a local user. Put your username as .\username  For example if my account was called User1 I would log in as .\User1

    I have a solution, you could follow the steps below:

    1 Remove the Computer from AD, - Join Workgroup (local)

    2 Delete the Computer Account from AD

    3 Reboot Computer,

    4 Login as Local Admin

    5 Rejoin to domain,

    6 Reboot

    If it doesn’t work, please check the DNS Event on the server if it has error.

     

     

    Best Regards,

     

    Frank


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, July 11, 2017 3:18 AM
  • Hello Frank,

    The problem is if sometimes, if I try to log in with my user, i can without any problems... But, if I make the log off and my coworker try to make the same processs, the problem occurs with Him...

    It's happening with a lot of users... It's note a problem with only one user or one computer.

    I Think it's a problem during the process between the host and the switch comunication... but in my last TAC with Cisco they told me that my configuration is right... soo.. I need help to verify some logs in the Windows system or something like that.

    I found some information using WIRESHARK, but i'ts not enougth.

    Thank for the help

    Tuesday, July 11, 2017 7:08 PM
  • Hi,

    Do you mean that  you could log in as a user then when you try to log in as a different user it's "No logon servers available".
    Go to Network and Sharing, then clicked on your Wireless connection on the right side and Clicked Properties I see the wireless network name, SSID, Network type and Network availability.  For network availability to check if it shows "Me Only".

    There is a article about "How to Enable User-Specific Wireless Networks in Windows"may help you :
    https://www.howtogeek.com/howto/43782/how-to-enable-user-specific-wireless-networks-in-windows-7/


    Best Regards,

    Frank song


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 17, 2017 7:37 AM
  • Hi Frank,

    Did you find a resolution, as I am facing the same in ISE 2.1

    Thursday, August 3, 2017 6:25 AM
  • So i know more about the issue, also experiencing this at a customer site, the No Logon servers available, comes from the new user never logged in to machine before, so doesnt have cached credentials on the workstation.

    This still has not been resolved.


    jjonessec

    Wednesday, October 24, 2018 4:37 PM