Cisco EAP/TLS not working

Alan DeKok aland at ox.org
Wed Feb 22 23:47:02 CET 2006


Robert Myers <ccrider at whiterose.net> wrote:
> I'm having a problem with my Cisco 2950 and EAP/TLS...I've already 
> configured this to work on my HP 5300, so I'd assume that everything on 
> the freeradius end is proper...

  Yup.

> Sending Access-Challenge of id 9 to 192.168.2.161:1812
>         EAP-Message = 0x0101000501

  The server is sending an EAP identity request, which is what it's
supposed to do.

> 000043: *Mar  1 01:16:24: %DOT1X-5-ERR_INVALID_AAA_ATTR: Got invalid AAA 
> attribute settings from RADIUS server

  That's pretty useless.  The switch is supposed to send the EAP
identity request back to the supplicant.

> My question is, for anyone who has set this up, what must I do in the 
> Cisco world to make this work?

  Call Cisco and ask them why HP's products work, and theirs don't.

  Alan DeKok.



More information about the Freeradius-Users mailing list