Reset Search
 

 

Article

wireless client cannot authenticate using EAP-TLS but the certificates are correct

« Go Back

Information

 
Titlewireless client cannot authenticate using EAP-TLS but the certificates are correct
Symptoms
some wireless clients cannot authenticate using EAP-TLS, while PEAP works and the client and server-certificates are correct
Environment
  • Identifi
  • RADIUS
  • wireless
Cause
Check if jumbo frames are enabled on the wireless controller, the switches on the path to the RADIUS server as well as the server itself.
If jumbo frames are enabled on the controller, but not on the whole path in the network then oversized EAP frames from the client are forwarded as oversized RADIUS messages by the controller and will be dropped in the network, as they include the "don't fragment" bit.
Resolution
Either disable jumbo-frames on the wireless controller, so no oversized frames are being sent from the controller to the RADIUS server, or make sure jumbo frames are enabled on the whole network (including at the RADIUS server).
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255