Site was running fine until the WLC had a hardware failure.
A new WLC was shipped out, was running 6.0.99 then manually upgraded to 7.0.98. Clients cannot authenticatewith recurrent logs messages like this.
*dot1xMsgTask: Feb 23 17:05:03.648: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:2914 Max EAP identity request retries (3) exceeded for client 00:21:5c:<snip> *spamApTask0: Feb 23 17:05:01.926: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:629 Failed to complete DTLS handshake with peer 192.168.214.91
I have tried changing the key on the radius server to no avail.Anybody have any ideas?
Re: WLC Failed to complete DTLS handshake with peer
I'm unsure about what the first NPS message means.
It's a dot1x authentication not completing issue, the authentication process must be looked at to understand which part is stopping. It could be the client not trusting the NPS certificate, the NPS stopping the authentication because it doesn't like the WLC for some reason ... could be anything.