Windows 10 does not response EAP-Request/Identity from Switch after sucessfuly authentication of 802.1X

[luckydog xf]

Hello,

    This may not be a question of Freeradius, but I post it here to see
whether someone ran into the same issue before and found a way to fix it.

     We're running H3C switch, configure eap authentication, client is
windows 10 and uses certificate authentication. Initially windows 10 can be
online and soon after that it goes offline.

     By  checking freeradius log, we can see that accounting
Acct-Status-Type is Start and later becomes Stop.
      We use wireshark to capture packets of windows 10 and find that,
after it's successfully online, Switch sends EAP-Request/Identity to it and
expects a response.  Yet windows 10 ignores it. Switch sends a 'Stop' to
Freeradius when it's timeout.

      The whole process is listed
http://www.h3c.com/en/Support/Resource_Center/Technical_Documents/Home/Switches/00-Public/Configure/Configuration_Guides/H3C_S5130S-HI[EI]_S5110V2_S3100V3-EI-6W103/08/201909/1227641_294551_0.htm

  [  EAP relay ]    section.

11.     After the client comes online, the access device periodically sends
handshake requests to check whether the client is still online. By default,
if two consecutive handshake attempts fail, the device logs off the client.

12.     Upon receiving a handshake request, the client returns a response.
If the client fails to return a response after a number of consecutive
handshake attempts (two by default), the access device logs off the client.
This handshake mechanism enables timely release of the network resources
used by 802.1X users that have abnormally gone offline.


So it's quite weird, why does Windows 10 ignore it ?

Appreciated for any help.

Thanks.