Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1332
Views
0
Helpful
6
Replies

Motorola Handheld not authenticating with ACS

networker101
Level 1
Level 1

‎06-07-2011 09:01 AM - edited ‎03-10-2019 06:08 PM

Hi Gurus,

I have deployed a Cisco wireless environment at one of our sites.

The problem is that we are rolling out new motorola handhelds (MC75) are not authenticating with the ACS. I have copied the same config as it was with the exsisting  wireless that was installed. Funny thing is we have another set of motorola handhelds (MC70) all use the same certificates and can authenticate without any issues.

When i look at the ACS for logs I get the following error;

EAP-TLS or PEAP authentication failed during SSL handshake

Any Idea's??

Thanks

Labels:
0 Helpful
6 Replies 6

andamani
Cisco Employee
Cisco Employee

‎06-07-2011 09:41 AM

this seems primarly as a cert issue. 

can you check the following:

1. cert on the ACS

2. trustlist on the ACS should have the CA of this cert as trusted.

3. Cert on the motorola devices and their expiry.

If all is well, then i would ask you to make the logging full. Do a test authentication with the non working client. And take the package.cab. We will have analyse what exactly is happening.

Hope this helps.

Regards,

Anisha

P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.

0 Helpful

networker101
Level 1
Level 1
In response to andamani

‎06-08-2011 08:08 AM

Hi Anisha,

I have checked the following;

  1. the cert on the ACS is fine, as it uses the same cert for the older models and the laptops
  2. trustlist on the ACS is trusted
  3. Expirey on the motorola devices is good

How would i view the package.cab file?

Thanks

0 Helpful

networker101
Level 1
Level 1
In response to networker101

‎06-08-2011 08:11 AM

Where would i find the package.cab file?

0 Helpful

andamani
Cisco Employee
Cisco Employee
In response to networker101

‎06-09-2011 01:05 AM

Hi,

Please ensure that the logging is set to full.

System configuration > Service Control > level of detail full

you can go to system configuration > support > Run support now.

After you do so a file will get downloaded automatically.

Please collect it and let me know.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

0 Helpful

networker101
Level 1
Level 1
In response to andamani

‎06-09-2011 08:38 AM

Hi,

It is set to full logging, i have downloaded the file.

What do i need to look out for?

Thanks

0 Helpful

andamani
Cisco Employee
Cisco Employee
In response to networker101

‎06-11-2011 11:03 PM

Hi,

Please check for the timestamp in the failure log.

Note the timestamp and check for the corresponding logs on the auth.log and radius.log. you will see the reason in there..

if you want you can post it here and i can check it for you. Is the package.cab posting is an issue then i would suggest you to open a TAC Case and the engg should be able to assist you.

Hope this helps.

Regards,

Anisha

P.S.: please mark this post as answered if you feel your query is  resolved. Do rate helpful posts.

0 Helpful
Customers Also Viewed These Support Documents