Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Wireless Phone 7921G

hi all,

We are trying to authenticate cisco 7921G wireless phone through EAP-TLS..

getting error message in ACS server

EAP-TLS or PEAP authentication failed during SSL handshake

but EAP-TLS works fine with same ACS server when user machine is connected.

please let us know if any particular service need to be enabled in cisco 7921G(other than choosing in profile) to make it work

thanks in advance

8 REPLIES
Hall of Fame Super Silver

Re: Wireless Phone 7921G

Have you followed the steps in this doc?

http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7921g/6_0/english/administration/guide/7921cfgu.html#wp1376129

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Phone 7921G

hi, yes correct.this specifics are followed, one thing need to clariy the CM placed different site location and once this device is reqistered with CM..im unable to edit the phone time to local time,its automatically taking the CM time.

Now after restarting the ACS server service.in ACS server log seeing"internal error"

thanks

Hall of Fame Super Silver

Re: Wireless Phone 7921G

That is not good. Restart the server and see if it comes back up clean.

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Phone 7921G

hi, i did restart the ACS server now..getting same error.

is there something to do with ACS server v3.3?

thanks

New Member

Re: Wireless Phone 7921G

adding the error detail

Date Time Message-Type User-Name Group-Name Caller-ID Authen-Failure-Code Author-Failure-Code Author-Data NAS-Port NAS-IP-Address

06/28/2008 14:17:05 Authen failed CP-7921G-SEP001D451BEFDC VoIP group 00-1D-45-1B-EF-DC Internal error .. .. 29 139.95.122.3

New Member

Re: Wireless Phone 7921G

one more thing observed is, in ACS server, the manufactured CA root certificate loaded in ACS server and checked in edit trust list.

but in certificate revocation list..that root is displayed as not in use.

CRL Issuers

Issuer Friendly Name Status

Cisco Manufacturing CA Not in use

while edit to make it used it asking for CRL Distribution URL..where can i get this URL?

thanks

Hall of Fame Super Silver

Re: Wireless Phone 7921G

Are you still getting errors from your first post. SSL handshake fails?

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Phone 7921G

hi, im no more getting that error..only getting the internal error..even after server reboot.

thanks,

240
Views
0
Helpful
8
Replies