Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Cisco 7920 handsets fail to authenticate against WLSE-Express, but authentication works fine against other stand-alone AAA servers such as Cisco Secure ACS

Core Issue

The root cause of this problem is the inability of the 7920 firmware to issue an EAP-NAK response when it encounters an unsupported EAP authentication method. This is a limitation of the 7920 firmware that will be addressed in a future firmware release.

Resolution

This problem is documented in Cisco bug ID CSCsc22006. As a workaround, configure the 7920 handset to use an authentication method other than LEAP, or use Cisco Secure ACS as an external AAA server. Using any authentication method based on static information, such as pre-configured passwords, is inherently less safe. This issue was first first found in version 4.1(0.1) and 4.0(1.4) and was first fixed in version 4.1(1) and 4.1(0.2).

For more information, refer to Using the AAA Server. To install the certificate, refer to WLSE Express AAA Server Certificate Guide. For the latest firmware, refer to Wireless LAN Solution Engine Software Download Center.

Problem Type

Client / Device cannot authenticate

Products

Cisco 7920 Wireless Phones

CiscoWorks Wireless LAN Solution Engine (WLSE)

CiscoWorks Wireless LAN Solution Engine (WLSE) Express

Security Options

PEAP

Authentication

LEAP / RADIUS

Version history
Revision #:
1 of 1
Last update:
‎06-22-2009 06:16 PM
Updated by:
 
Labels (1)