Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

PEAP authentication during SSL handshake disconnect after 20-30 minutes

I have Windows 2003 ACS 4.0 servers.I use the windows active directory for the users and the ACS for the certificate.I am using them for WPA1/TKIP/PEAP wireless authentication. My Windows XP clients are able to authenticated and but they are disconnect after 20- 30 minutes.

The clients that do authenticate on the ACS 4.0 server with MS-PEAP. I alrealdy apply the patch from microsoft spack 2

1. why the windows client are able to authenticate , but after 20-30 minutes they disconnect?

2.what does that mean "EAP-TLS or PEAP authentication failed during SSL handshake")

3 in the log of the ACS, i am suppose to pass with MS-PEAP or Cisco-PEAP

Thanks for the help

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: PEAP authentication during SSL handshake disconnect after 20

Try to apply this patch: http://support.microsoft.com/kb/885453

Zhenning

5 REPLIES
Bronze

Re: PEAP authentication during SSL handshake disconnect after 20

Try to apply this patch: http://support.microsoft.com/kb/885453

Zhenning

Community Member

Re: PEAP authentication during SSL handshake disconnect after 20

they do connect, but they disconnect after 20-30 minutes

Re: PEAP authentication during SSL handshake disconnect after 20

The error " EAP-TLS or PEAP authentication failed during SSL handshake " is mainly because of certificates issue . Either certificate on ACS got corrupted or expired OR Client is not able to validate root certificate with ACS.

Make sure that certificate installed on ACS was generated with key length of 1024.

Please also install that patch and you will see the improvement.

Regards,

~JG

Community Member

Re: PEAP authentication during SSL handshake disconnect after 20

Hi...Could this error be also caused by incomplete or corrupted packets as we're attempting to do the EAP-TLS across the WAN link?

thanks....

Silver

Re: PEAP authentication during SSL handshake disconnect after 20

Microsoft KB885453 is clearly identified in the ACS release notes and configuration guides. It has a prerequisite.

You also need KB917021 if you are using the Microsoft zero config client. Note that KB917021 replaces KB893357.

392
Views
10
Helpful
5
Replies
CreatePlease to create content