Wireless Phone 7921G

Unanswered Question
Jun 27th, 2008
User Badges:

hi all,

We are trying to authenticate cisco 7921G wireless phone through EAP-TLS..


getting error message in ACS server


EAP-TLS or PEAP authentication failed during SSL handshake


but EAP-TLS works fine with same ACS server when user machine is connected.


please let us know if any particular service need to be enabled in cisco 7921G(other than choosing in profile) to make it work


thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
gopinathv Sat, 06/28/2008 - 09:14
User Badges:

hi, yes correct.this specifics are followed, one thing need to clariy the CM placed different site location and once this device is reqistered with CM..im unable to edit the phone time to local time,its automatically taking the CM time.


Now after restarting the ACS server service.in ACS server log seeing"internal error"


thanks

Scott Fella Sat, 06/28/2008 - 09:52
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

That is not good. Restart the server and see if it comes back up clean.

gopinathv Sat, 06/28/2008 - 11:18
User Badges:

hi, i did restart the ACS server now..getting same error.


is there something to do with ACS server v3.3?


thanks

gopinathv Sat, 06/28/2008 - 11:19
User Badges:

adding the error detail

Date Time Message-Type User-Name Group-Name Caller-ID Authen-Failure-Code Author-Failure-Code Author-Data NAS-Port NAS-IP-Address



06/28/2008 14:17:05 Authen failed CP-7921G-SEP001D451BEFDC VoIP group 00-1D-45-1B-EF-DC Internal error .. .. 29 139.95.122.3


gopinathv Sat, 06/28/2008 - 13:31
User Badges:

one more thing observed is, in ACS server, the manufactured CA root certificate loaded in ACS server and checked in edit trust list.


but in certificate revocation list..that root is displayed as not in use.


CRL Issuers

Issuer Friendly Name Status

Cisco Manufacturing CA Not in use


while edit to make it used it asking for CRL Distribution URL..where can i get this URL?


thanks


Scott Fella Sat, 06/28/2008 - 14:29
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Are you still getting errors from your first post. SSL handshake fails?

gopinathv Sat, 06/28/2008 - 14:31
User Badges:

hi, im no more getting that error..only getting the internal error..even after server reboot.


thanks,

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode