Problem with work group bridge authentication with ACS 5.x
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-05-2012 11:16 PM - edited 03-10-2019 07:45 PM
EAP-TLS authentication for workgoup brdige fails.
Folloing is the log on ACS
Authentication failed
12514 EAP-TLS failed SSL/TLS handshake because of an unknown CA in the client certificates chain12811 Extracted TLS Certificate message containing client certificate.
12814 Prepared TLS Alert message.
12817 TLS handshake failed.
12514 EAP-TLS failed SSL/TLS handshake because of an unknown CA in the client certificates chain
12507 EAP-TLS authentication failed
12505 Prepared EAP-Request with another EAP-TLS challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12504 Extracted EAP-Response containing EAP-TLS challenge-response
11504 Prepared EAP-Failure
11003 Returned RADIUS Access-Reject
- Labels:
-
AAA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-06-2012 06:03 AM
I have seen this issue before, the AP is present an old PAC and doesnt update until after you reboot. You can open a wireless TAC case and they will get you the right image as to when this was fixed. As a workaround you can extend the lifetime of the PAC in your authentication settings for EAP-FAST.
Thanks,
Sent from Cisco Technical Support iPad App
