Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS Radius + Peap + MSChapV2

I am using a wireless setup

Aironet 1100, ACS 4.0, 3rd party Client adapter

I am able to connect to my wireless network by keying in username&pass created on the ACS user setup. Also by using a self signed certificate from the ACS.

Doubts: In ACS logs - Radius accounting is empty.

Failed attempts.csv shows "Authen failed, EAP-TLS or PEAP authentication failed during SSL handshake"

But i am able to authenticate my users successfully into the wireless network. What went wrong?

1 REPLY
Silver

Re: ACS Radius + Peap + MSChapV2

Hi

Try enabling the Passed Authentications report and see whats in there. It could be that the failure is perhaps purely transient and rectified by a subsequent attempt.

For example a re-key authentication requires SSL state on the ACS, it could be that the supplicant and ACS have to revert to performing a full authentication.

Im guessing but it is entirely possible to have entries in the failed attempts and still get access.

Darran

188
Views
0
Helpful
1
Replies
CreatePlease login to create content