PEAP authentication during SSL handshake disconnect after 20-30 minutes

Answered Question
Aug 28th, 2007

I have Windows 2003 ACS 4.0 servers.I use the windows active directory for the users and the ACS for the certificate.I am using them for WPA1/TKIP/PEAP wireless authentication. My Windows XP clients are able to authenticated and but they are disconnect after 20- 30 minutes.

The clients that do authenticate on the ACS 4.0 server with MS-PEAP. I alrealdy apply the patch from microsoft spack 2

1. why the windows client are able to authenticate , but after 20-30 minutes they disconnect?

2.what does that mean "EAP-TLS or PEAP authentication failed during SSL handshake")

3 in the log of the ACS, i am suppose to pass with MS-PEAP or Cisco-PEAP

Thanks for the help

I have this problem too.
0 votes
Correct Answer by zhenningx about 9 years 1 month ago

Try to apply this patch:


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Jagdeep Gambhir Thu, 08/30/2007 - 06:40

The error " EAP-TLS or PEAP authentication failed during SSL handshake " is mainly because of certificates issue . Either certificate on ACS got corrupted or expired OR Client is not able to validate root certificate with ACS.

Make sure that certificate installed on ACS was generated with key length of 1024.

Please also install that patch and you will see the improvement.



axfalk1 Thu, 09/27/2007 - 18:07

Hi...Could this error be also caused by incomplete or corrupted packets as we're attempting to do the EAP-TLS across the WAN link?


rseiler Fri, 08/31/2007 - 09:14

Microsoft KB885453 is clearly identified in the ACS release notes and configuration guides. It has a prerequisite.

You also need KB917021 if you are using the Microsoft zero config client. Note that KB917021 replaces KB893357.


This Discussion



Trending Topics - Security & Network