We are trying to integrate our product(Cisco Prime Infrastructure) with Cisco ISE for Authentication and Authorizations. We already support PAP/CHAP, and not trying to add support for EAP-TLS.

Currently during our integration, facing TLS payload errors. We are using jradius library for talk to Cisco ISE for authentication and facing the below TLS error in ISE logs. Tried with Cisco ISE 1.2 and 1.3 versions.

Event                                    5400 Authentication failed         

Failure Reason                  11500 Invalid or unexpected EAP payload received        

DetailedInfo                      TLS packet parsing failed: total accumulated size plus this last fragment size is greater than expected total TLS message size

Any pointers to resolve this problem or any other free java based client library instead of jradius which is tried out successfully with Cisco ISE would also be great.

Regards

Chandrakumar