- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: WAX630: authentication failed - EAP type: 13 (TLS)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
WAX630: authentication failed - EAP type: 13 (TLS)
Hi,
we have 8 WAX630 devices with the latest firmware (10.2.0.16). We are using 802.1X with external Radius system. Everything is working properly, however, every now and then random users cannot login to the SSID with radius enabled. The server responds "authentication failed" and the syslog servers show these entries:
(mac address and hostname were intentionally replaced)
Sep 22 16:19:25 REMOVED_HOSTNAME hostapd: wifi2vap3: STA XX:XX:XX:d4:46:fe IEEE 802.11: associated (aid 3)
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: wifi2vap3: STA XX:XX:XX:d4:46:fe IEEE 802.1X: authentication failed - EAP type: 13 (TLS)
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: SSID ROAM: Tx leave update for sta XX:XX:XX:d4:46:fe
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: SSID ROAM: Received station leave / disconnect update for sta XX:XX:XX:d4:46:fe
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: SSID ROAM: Received station leave / disconnect update for sta XX:XX:XX:d4:46:fe
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: SSID ROAM: Received station leave / disconnect update for sta XX:XX:XX:d4:46:fe
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: SSID ROAM: Received station leave / disconnect update for sta XX:XX:XX:d4:46:fe
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: SSID ROAM: Received station leave / disconnect update for sta XX:XX:XX:d4:46:fe
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: SSID ROAM: Received station leave / disconnect update for sta XX:XX:XX:d4:46:fe
Sep 22 16:19:27 REMOVED_HOSTNAME hostapd: SSID ROAM: Received station leave / disconnect update for sta XX:XX:XX:d4:46:fe
Sep 22 16:19:30 REMOVED_HOSTNAME hostapd: wifi2vap3: STA XX:XX:XX:d4:46:fe IEEE 802.11: authenticated
Sep 22 16:19:30 REMOVED_HOSTNAME configd[3673]: EEM: Received Event: NEW_STA_ASSOC_EEM
Sep 22 16:19:30 REMOVED_HOSTNAME hostapd: wifi2vap3: STA XX:XX:XX:d4:46:fe IEEE 802.11: associated (aid 3)
Sep 22 16:19:32 REMOVED_HOSTNAME hostapd: wifi2vap3: STA XX:XX:XX:d4:46:fe IEEE 802.1X: authentication failed - EAP type: 13 (TLS)
Checking RADIUS Server logs, there is not even the request to the RADIUS that would be sent at that point.
Currently, the workaround is to reboot the specific AP, ask user to re-authenticate, which, first, shows the same error, however, the request looks to be sent to the RADIUS server which then also give a proper feedback and logs the event (see screenshot below):
Checking the radius server logs, it show that the specific user was granted access:
The user can now connect to SSID without any issues.
Can someone help us out what is causing this issue?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: WAX630: authentication failed - EAP type: 13 (TLS)
Hi @yawm Could you please capture the ethernet packet between WAX630 and your Radius server? Also send me the detailed logs. You can save the detailed logs by logging into WAX630 UI -> Monitoring page ->logs and download detailed logs. You can upload
packet captures and logs into any cloud storage such as google drive/one drive/drop box etc.. and send me a link to download via PM. Thank you !