Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Authentication Failure in Cisco Secure ACS v4.1

Hi, I added a user in the Cisco Secure ACS and I am getting the following Authen-Failure-Code in Failed Attempts:

EAP-TLS or PEAP authentication failed during SSL handshake.

When I run Support in System Configuration > Support, I get the following in the auth.log:

AUTH 05/15/2008 16:55:40 I 0928 3320 AuthenProcessResponse: process response for 'FE:A3:C4:00:32:40'

AUTH 05/15/2008 16:55:40 E 0381 3320 EAP: TLS: ProcessResponse: SSL handshake failed, status = 3 (SSL send alert fatal:decode error)

AUTH 05/15/2008 16:55:40 E 0381 3320 EAP: TLS: ProcessResponse: SSL ext error reason: 87 (Ext error code = 0)

AUTH 05/15/2008 16:55:40 E 0381 3320 EAP: TLS: ProcessResponse(1519): mapped SSL error code (3) to -2120

Does anybody know, what the issue could be. I was able to find info about 2120, but don't know what exactly this means, other than that the authentication failed:

UDB_EAP_TLS_HANDSHAKE_FAILED

Thank you,

Jutta

1 REPLY

Re: Authentication Failure in Cisco Secure ACS v4.1

Jutta,

SSL alert fatal:decode error: That means basically, the client has a problem with decoding the root certificate.

Please make sure that client has CA installed. If you are doing peap and uncheck validate server certificate on wireless setting on the client.

Regards,

~JG

Do rate helpful posts

692
Views
0
Helpful
1
Replies
CreatePlease login to create content