Nokia E66 EAP-TLS error

jmprats · ‎12-04-2008

Hi, I am configuring a Nokia E66 (wich is v4 in Cisco Compatible Extensions, so it supports EAP-TLS) with WPA2 EAP-TLS against IAS in a Cisco Wireless Network and I always obtain the same error in the IAS event viewer.

denied accesss

Authentication-Type = EAP

EAP-Type = Smart Card or other certificate

Reason-Code = 16

Reason = Authentication was not successful because an unknown user name or incorrect password was used.

Has anybody tried E66 with EAP-TLS?

Any experiences?

pasimahone · ‎12-05-2008

Hi,

Could you send details of your wlan setup in Nokia device?

-Pasi-

jmprats · ‎12-10-2008

Yes, this is my setup

- hidden network

- infraestructure

- security: WPA/ WPA2

- EAP

- Plug -ins: EAP-TLS. I select the user certificate and the CA certificate. User name from the certificate, domain from the certificate

- WPA2 only mode

In the IAS log, the username is correct, but always appear this strange error. The certificates and infraestructure I use it works well in a notebook

Thanks

pasimahone · ‎12-16-2008

Hi,

Could you check the following from the Certificate:

'Issuer Alternative Name' and 'Subject Alternative Name' fields are not empty and

'Non Repudiation' field is not in use.

-Pasi-

jmprats · ‎01-08-2009

Hi Pasi,

I only have the field 'Issuer', I don't have 'Issuer Alternative Name'. I have 'Non Repudiation' in the intermediate CA certificate, but not in the user certificate.

I'm using certificates with a public key of 2048 bits in the user and 4096 in the CA. I don't know if this can be a problem

Thanks for your interest.