09-17-2014 12:24 AM - edited 03-10-2019 10:01 PM
Hello.
I cannot get EAP-TLS auth to work on a Windows 7 wired setup. I've tested EAP-PEAP on wireless and wired - works fine. Also, EAP-TLS for wireless works great. Clients are on the same domain as RADIUS (which is Cisco ISE), we've deployed CA services on that same domain too and are distributing certificates to clients via GPOs. Authenticators (switchports) are configured correctly, certificates work on the EAP-TLS wireless setup, everything seems to be OK, but the wired connection still cannot auth and EAP times out.
Here is the error:
Logged At: May 14,2013 11:52:12.159 AM
RADIUS Status: No response received during 120 seconds on last EAP message sent to the client : 5411 No response received during 120 seconds on last EAP message sent to the client
09-17-2014 02:41 AM
A certificate not being trusted by the device can result in this error. Make sure you have the certificate trusted in the certificate store.
09-18-2014 09:49 AM
http://support.microsoft.com/kb/980295/en-us - works for me!
09-19-2014 05:06 AM
In fact, the issue was in the CN; after changing to SAN, it worked fine!
http://d2zmdbbm9feqrf.cloudfront.net/2014/anz/pdf/BRKSEC-3045.pdf
09-18-2014 05:41 PM
Disable fast reconnect to the client.
09-19-2014 12:39 AM
Have you confirmed that the Supplicant is configured properly for EAP-TLS authentication? I have done this type of deployment many times and haven't had this issue.
Thank you for rating helpful posts!