XMC NAC EAP Error TLS Cipher

If seeing the error below in the Status Description field under Events for end-systems after upgrading NAC (>7.0) try the listed parameters to the engine.

eap_tls: TLS Alert write:fatal:handshake failure eap_tls: SSL says: error:1408A0C1:SSL
routines:ssl3_get_client_hello:no shared cipher eap_tls: SSL_read failed in a system call (-1), TLS session  failed eap_tls: TLS receive handshake failed during operation eap_tls: [eaptls process] = fail eap: Failed continuing EAP TLS (13) session. EAP sub-module failed

Apply these two Appliance Properties to the NAC appliance:

RADIUS_TLS_REMOVE_RC4_CIPHERS=false

RADIUS_TLS_CIPHER_LIST=DEFAULT

TLS-CipherNote: This was helpful for the XP test machine I was using.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s