Cisco EAP/TLS not working

Alan DeKok aland at
Wed Feb 22 23:47:02 CET 2006

Robert Myers <ccrider at> wrote:
> I'm having a problem with my Cisco 2950 and EAP/TLS...I've already 
> configured this to work on my HP 5300, so I'd assume that everything on 
> the freeradius end is proper...


> Sending Access-Challenge of id 9 to
>         EAP-Message = 0x0101000501

  The server is sending an EAP identity request, which is what it's
supposed to do.

> 000043: *Mar  1 01:16:24: %DOT1X-5-ERR_INVALID_AAA_ATTR: Got invalid AAA 
> attribute settings from RADIUS server

  That's pretty useless.  The switch is supposed to send the EAP
identity request back to the supplicant.

> My question is, for anyone who has set this up, what must I do in the 
> Cisco world to make this work?

  Call Cisco and ask them why HP's products work, and theirs don't.

  Alan DeKok.

More information about the Freeradius-Users mailing list