Hi,
I came in this morning and checked the CPPM and saw that all the smartdevices at one of our branch offices are experiencing issues connecting. All our laptops and desktops that are wireless are still connecting okay. They use EAP-PEAP and EAP-MSCHAPv2 to authenticate.
The smartdevices have already been Onboarded and are throwing out the following errors:
Alerts for this Request
RADIUS Invalid Status times in OCSP response
EAP-TLS: fatal alert by server - certificate_unknown
eap-tls: Error in establishing TLS session
The branch office in question has a subscriber CPPM that all the radius requests go to. None of our other offices appear to be experiencing this issue.
Any ideas what might be causing this?
Because the error mentions "Status times", I checked the time on both the controller and subscriber CPPM and verified that the time on these devices is correct.
I also did a "show auth-tracebuf mac ..." on a device exhibiting the behavior. From the log I am seeing:
- dot1x-timeout -> server timeout
- dot1x-timeout -> station timeout
I am also seeing the rad-reject and eap-failure messages. Not sure if this will help to diagnose what is causing this behavior.
Cheers