Wireless Phone 7921G

Unanswered Question
Jun 27th, 2008

hi all,

We are trying to authenticate cisco 7921G wireless phone through EAP-TLS..

getting error message in ACS server

EAP-TLS or PEAP authentication failed during SSL handshake

but EAP-TLS works fine with same ACS server when user machine is connected.

please let us know if any particular service need to be enabled in cisco 7921G(other than choosing in profile) to make it work

thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
gopinathv Sat, 06/28/2008 - 09:14

hi, yes correct.this specifics are followed, one thing need to clariy the CM placed different site location and once this device is reqistered with CM..im unable to edit the phone time to local time,its automatically taking the CM time.

Now after restarting the ACS server service.in ACS server log seeing"internal error"


Scott Fella Sat, 06/28/2008 - 09:52

That is not good. Restart the server and see if it comes back up clean.

gopinathv Sat, 06/28/2008 - 11:18

hi, i did restart the ACS server now..getting same error.

is there something to do with ACS server v3.3?


gopinathv Sat, 06/28/2008 - 11:19

adding the error detail

Date Time Message-Type User-Name Group-Name Caller-ID Authen-Failure-Code Author-Failure-Code Author-Data NAS-Port NAS-IP-Address

06/28/2008 14:17:05 Authen failed CP-7921G-SEP001D451BEFDC VoIP group 00-1D-45-1B-EF-DC Internal error .. .. 29

gopinathv Sat, 06/28/2008 - 13:31

one more thing observed is, in ACS server, the manufactured CA root certificate loaded in ACS server and checked in edit trust list.

but in certificate revocation list..that root is displayed as not in use.

CRL Issuers

Issuer Friendly Name Status

Cisco Manufacturing CA Not in use

while edit to make it used it asking for CRL Distribution URL..where can i get this URL?


Scott Fella Sat, 06/28/2008 - 14:29

Are you still getting errors from your first post. SSL handshake fails?

gopinathv Sat, 06/28/2008 - 14:31

hi, im no more getting that error..only getting the internal error..even after server reboot.



This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode