5520 controller running 8.5.140 and a 3702 AP in local mode. I have other devices of various types concected to this SSID using EAP-TLS, so I am confident in the controller config (WPA2 Policy, WPA2 Encryption=AES, Authentication Key Management=802.1x)
I have a linux device that I am trying to connect via EAP-TLS. The deice is using wpa_supplicant. the config file is as follows:
The controller debug just shows the following:
*spamApTask3: Dec 16 09:53:46.861: b0:1f:81:d5:07:23 Association Failed on REAP AP BSSID ec:bd:1d:15:7b:d7 (slot 1), status 13 0 rsnie-osnie accept failed
*spamApTask1: Dec 16 09:53:52.260: b0:1f:81:d5:07:23 Association Failed on REAP AP BSSID 58:f3:9c:fb:a8:37 (slot 1), status 13 0 rsnie-osnie accept failed
Anyone have a config that works for wpa_supplicant and EAP-TLS?
- You may be hitting a CCKM compliance issue ; check the following :
I also found a related bug report :
The setting "key_mgmt=IEEE8021X" in your wpa_supplicant.conf file is for WEP keys only. You mentioned you are using WPA2, so you should use the following:
Also, if you don't want to be prompted for the private key password, you can add the following line under private_key:
dB Performance Inc.