Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1735
Views
0
Helpful
1
Replies

wireless Authentication problem in ISE version 2.0.0.306

mostafashoaei
Level 1
Level 1

‎03-06-2017 09:32 PM

Hi guys,

I had a Cisco ISE 2.0.0.306,

I config authentication on wired and wireless, wired authentication works exactly, however wireless authentication gave following problem:

Failure Reason:  12321 PEAP failed SSL/TLS handshake because the client rejected the ISE local-certificate

Resolution:      Check whether the proper server certificate is installed and configured for EAP in the Local Certificates page ( Administration > System > Certificates > Local Certificates ). Also ensure that the certificate authority that signed this server certificate is correctly installed in client's supplicant. Check the previous steps in the log for this EAP-TLS conversation for a message indicating why the handshake failed. Check the OpenSSLErrorMessage and OpenSSLErrorStack for more information.

Root cause:     PEAP failed SSL/TLS handshake because the client rejected the ISE local-certificate

I have been attached screen shot of error, please attention to it.

note: I have run a new version of Cisco ISE(2.2.0.470) and works exactly.

both of ISE have same configuration.

I have changed the certificates of ISE but it doesn't work still.

Can you tel me, whether this is a bug in this version?

please help me,

Thanks a lot

Preview file
110 KB
0 Helpful
1 Reply 1

smashash
Cisco Employee
Cisco Employee

‎03-06-2017 11:35 PM

Hi,

Try to  install the ISE server certificate or root certificate in client (supplicant) side.

Or

If you are using MSFT PC (windows), you can disable the server validation option on PC.

see attached file

Preview file
158 KB
0 Helpful
Customers Also Viewed These Support Documents