Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
599
Views
0
Helpful
0
Comments

Cisco 7920 handsets fail to authenticate against WLSE-Express, but authentication works fine against other stand-alone AAA servers such as Cisco Secure ACS

TCC_2
Level 10
Level 10

‎06-22-2009 06:16 PM - edited ‎03-12-2019 09:17 AM

Core Issue

The root cause of this problem is the inability of the 7920 firmware to issue an EAP-NAK response when it encounters an unsupported EAP authentication method. This is a limitation of the 7920 firmware that will be addressed in a future firmware release.

Resolution

This problem is documented in Cisco bug ID CSCsc22006. As a workaround, configure the 7920 handset to use an authentication method other than LEAP, or use Cisco Secure ACS as an external AAA server. Using any authentication method based on static information, such as pre-configured passwords, is inherently less safe. This issue was first first found in version 4.1(0.1) and 4.0(1.4) and was first fixed in version 4.1(1) and 4.1(0.2).

For more information, refer to Using the AAA Server. To install the certificate, refer to WLSE Express AAA Server Certificate Guide. For the latest firmware, refer to Wireless LAN Solution Engine Software Download Center.

Problem Type

Client / Device cannot authenticate

Products

Cisco 7920 Wireless Phones

CiscoWorks Wireless LAN Solution Engine (WLSE)

CiscoWorks Wireless LAN Solution Engine (WLSE) Express

Security Options

PEAP

Authentication

LEAP / RADIUS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents