Hi Max,

Yes as you said it looks like the issue with the client drivers. Also when the user has been prompted with change in password for 3 times as you said, check for relevant logs from windows event viewer and see if we can intrepret the logs. Adding to your setup, i have been trying to setup EAP-TLS and TTLS for clients location. Though i dont use cisco, but my infrastructure is same as urs. Controller and thin APs deployed across the site. When i use TLS, i need to know whether we need to transfer the cert to the client and select Smartcard/cert for authentication or is there anyother steps which i'm missing? I have deployed PEAP. But need to know how to deploy certs in TLS and TTLS. One thing i know in theory is for TTLS, we need server and client side certs. What does this mean? How do we go about deploying? If you have any docs or links to configure, Please send it across. Will be more helpful.
Thanks.