1200 WPA/802.1x problem

Hi, folks,
I am trying 1200 WPA/802.1x(EAP). But now run into issues. It's a little strange. Everything I restarted ACS service, the authentication can pass, but after that when I disable or repair the wireless and try again the authentication fail.
1231G + ACS3.3 + self-signed certificate (I also tried CA server, the same)
Any one has or ever experienced this issue? Thanks.
Ed

Seems to be resolved. I upgraded the AP IOS to the lastest 12.38JA1, then it works. Although each time I can see one fail record in ACS log, but anyway the authentication can be completed after the first failed try.
BTY, I saw these words in cisco.com:
PEAP Authentication with Windows XP SP2 Fails with RADIUS Server
This issue occurs in Windows XP Service Pack 2 when you use a non-Microsoft RADIUS Server like the Cisco RADIUS server for authentiation. Sometimes the initial connection can authenticate successfully, but subsequent fast-connect authentication attempts might not connect successfully. Microsoft has confirmed that this is a problem in the Microsoft products.
This issue occurs if your Cisco RADIUS server uses a different method to calculate the Extensible Authentication Protocol (EAP) Type:Length:Value format (EAP-TLV) ID than the method that Windows XP uses.
In order to resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix. You can find more information about this hotfix at Microsoft hotfix for WPA leavingcisco.com.
Interesting, ah?
Ed

Similar Messages

  • 802.1x Problem After Installing Update 10.4.10

    After installing the 10.4.10 update (from 10.4.9), I have started having problems with authenticating using 802.1x over my wireless connection. I enter my login information when prompted, and after a few seconds (when it says "Authenticating..."), it comes back with an error:
    WPA Authentication Failed.
    Security Error: 0
    If I try authenticating several more times, it will eventually work. It is not a signal strength issue, and it is not me mistyping my username and password.
    The only error in the console.log that I see is:
    /System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport: Error: Could not start 802.1X
    This only seems to affect my attempts to log in using 802.1x. I am able to associate with WPA and WPA2 networks using pre-shared keys without any issues.
    My 802.1x settings are as follows:
    Network Port: AirPort
    Authentication: TTLS (all other un-checked)
    - TTLS Inner Authentication: MSCHAPv2
    - TTLS Outer Identity: (blank)
    AirPort card information:
    Wireless Card Type: AirPort Extreme (0x168C, 0x86)
    Wireless Card Locale: USA
    Wireless Card Firmware Version: 1.1.8.5
    Kernel Extension information:
    AirPortAtheros:
    Version: 2.3
    Last Modified: 2/27/07 9:32 PM
    Get Info String: 2.3, Copyright © 2006–2007 Apple Inc. All Rights Reserved.
    Location: /System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AirPortAtheros.k ext
    kext Version: 230.8.5
    Load Address: 0x98c000
    Valid: Yes
    Authentic: Yes
    Dependencies: Satisfied
    Integrity: Correct
    Any ideas? Thanks.
    MacBook   Mac OS X (10.4.10)  

    Found the problem... It turns out it is not related to the 10.4.10 patch, but it is still specific to MacBooks and the way they do EAP for 802.1x authentications.
    The problem was with the default settings on the Cisco/Airespace wireless controllers, which we have recently migrated to. It has a default EAP timeout/retry of 2 seconds, so depending on how long it takes you to type in your login information and submit it, you might fall outside the 2-second window where the controller is accepting that login. The solution was to increase that window on the wireless controller itself.
    My guess is that Windows automatically retries, which is why Windows users did not see this problem.
    Mac OS X (10.4.10)

  • 802.1X problem eapolclient crashing

    Hi,
    I once had a working 802.1X configuration, but playing around at a different university I messed up the configuration. Some of the options I tried may be still in the system although I erased any 802.1X configuration profiles I had earlier.
    When I try to login I get a message saying that WPA authentification failed. The logs tell me that eapolclient crashed.
    I found some discussions relating to VMWare. I am also using VMware, but I have a recent version and it used to work. I think I messed up the configuration and this causes the problem.
    Is there anything I could do?
    Thanks and greetings

    This is what the logs say:
    Host Name:
    Date/Time: 2009-09-29 16:55:28.912 +0200
    OS Version: 10.4.11 (Build 8S2167)
    Report Version: 4
    Command: eapolclient
    Path: /System/Library/SystemConfiguration/EAPOLController.bundle/Resources/eapolclien t
    Parent: configd [37]
    Version: ??? (???)
    PID: 2681
    Thread: 0
    Exception: EXCBADACCESS (0x0001)
    Codes: KERNPROTECTIONFAILURE (0x0002) at 0x00000004
    Thread 0 Crashed:
    0 com.apple.CoreFoundation 0x9082aed8 CFRunLoopAddSource + 30
    1 eapolclient 0x00002d0e FDHandler_create + 192
    2 eapolclient 0x000021ca EAPOLSocket_create + 373
    3 eapolclient 0x00005fe1 Supplicant_create + 75
    4 eapolclient 0x000033be main + 1179
    5 eapolclient 0x00001e66 _start + 216
    6 eapolclient 0x00001d8d start + 41
    Thread 0 crashed with X86 Thread State (32-bit):
    eax: 0x00000000 ebx: 0x9082aec8 ecx: 0xa0814148 edx: 0xffffffff
    edi: 0x00301590 esi: 0x00000000 ebp: 0xbffff528 esp: 0xbffff4d0
    ss: 0x0000001f efl: 0x00010246 eip: 0x9082aed8 cs: 0x00000017
    ds: 0x0000001f es: 0x0000001f fs: 0x00000000 gs: 0x00000037
    Binary Images Description:
    0x1000 - 0x8fff eapolclient /System/Library/SystemConfiguration/EAPOLController.bundle/Resources/eapolclien t
    0x8fe00000 - 0x8fe4afff dyld 46.16 /usr/lib/dyld
    0x90000000 - 0x90171fff libSystem.B.dylib /usr/lib/libSystem.B.dylib
    0x901c1000 - 0x901c3fff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib
    0x9080b000 - 0x908d3fff com.apple.CoreFoundation 6.4.11 (368.35) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
    0x90913000 - 0x90a07fff libicucore.A.dylib /usr/lib/libicucore.A.dylib
    0x90a57000 - 0x90ad6fff libobjc.A.dylib /usr/lib/libobjc.A.dylib
    0x90aff000 - 0x90b63fff libstdc++.6.dylib /usr/lib/libstdc++.6.dylib
    0x90bd2000 - 0x90bd9fff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib
    0x90bde000 - 0x90c51fff com.apple.framework.IOKit 1.4.8 (???) /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
    0x90c66000 - 0x90c78fff libauto.dylib /usr/lib/libauto.dylib
    0x91158000 - 0x91166fff libz.1.dylib /usr/lib/libz.1.dylib
    0x91169000 - 0x91308fff com.apple.security 4.5.2 (29774) /System/Library/Frameworks/Security.framework/Versions/A/Security
    0x91420000 - 0x91446fff com.apple.SystemConfiguration 1.8.6 /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfi guration
    0x91948000 - 0x919fafff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib
    0x94cc8000 - 0x94cd6fff com.apple.framework.Apple80211 4.5.5 (455.2) /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Apple80211
    0x96c26000 - 0x96c3cfff com.apple.EAP8021X 8.0.5 (???) /System/Library/PrivateFrameworks/EAP8021X.framework/Versions/A/EAP8021X

  • Wpa/wpa2 password problems

    I set up a brand new AE 802.11n with a 13 character WPA/WPA2 personal password.
    I am able to connect to it with a new iMac with a new extreme n airport card.
    I can also connect to a very old 400 Mhz Tiger imac with an old airport card which asks for a WPA2 password.
    But when I try to connect with an iBook (1 GHz Panther) with an airport extreme card it presents me with 6 possible types of passwords:
    password (wants only 6 digits)
    40 bit HEX
    40 bit ascii
    128 bit HEX
    128 bit ascii
    LEAP
    none of these accept the 13 digit password
    Do I need to update some "client-side" software on the iBook so that the airport card understands about WPA2 passwords?
    Message was edited by: Joseph Vander

    An update -
    I never got past this problem directly. I noticed a thread on the macintouch website reporting similar problems with old clients trying to connect to Airport Extremes.
    However, I found a way around the problem. I took my old Snow airport base station which would have been gathering dust and used it as a router. The drawback is that I am using up one of the ethernet ports on the Extreme, but the good news (I think) is that the "b" airport card on the old imac is hidden behind the Snow base station and therefore is not slowing down the "n" network.
    Hopefully this will help someone. I would like to note that I got some helpful advice from Duane in the Snow discussions in getting this solution working.

  • TS1398 WPA wifi network problems

    my ipod touch 4g is says "unable to connect" when i try conecting to a wpa network

    Does the iOS device connect to other networks?
    Does the iOS device see the network?
    Any error messages?
    Do other devices now connect?
    Did the iOS device connect before?
    Try the following to rule out a software problem:                 
    - Reset the iOS device. Nothing will be lost
    Reset iOS device: Hold down the On/Off button and the Home button at the same time for at
    least ten seconds, until the Apple logo appears.
    - Power off and then back on your router
    .- Reset network settings: Settings>General>Reset>Reset Network Settings
    - iOS: Troubleshooting Wi-Fi networks and connections
    - Wi-Fi: Unable to connect to an 802.11n Wi-Fi network
    - iOS: Recommended settings for Wi-Fi routers and access points
    - Restore from backup. See:
    iOS: How to back up
    - Restore to factory settings/new iOS device.
    If still problem make an appointment at the Genius Bar of an Apple store since it appears you have a hardware problem.
    Apple Retail Store - Genius Bar

  • HP LaserJet 1200 series BW USB problem

    I am unable to re install my HP BW LaserJet 1200 series printer. My system is WIN XP PRO, SP3.
    The printer was working fine, then something happened and the printer is not listed in Device manager. The printer self check works OK,, but when I plug in the USB cable, there is no screen respons that a new USB device has been found. 
    Note , I have 2 flash drives attached to the USB ports that work OK.
    I tried to re install the 1200 series driver, but the printer is not  listed in Device manager.
    Any suggestions troubleshooting tips would be appreciated.
    Thanks,

    I've often had this problem when I start a print but the 1200 is not connected, or for other reasons. I either:
    1. Turn the HP 1200 off then on; or
    2. Go to Print centre and delete the job.
    One of these always fixes the problem.

  • Windows 7 Home Premium with 802.1x problems with the Authentication

    We have problems with  OS Windows 7 Home Premium 802.1x, the message in ACS:
    EAP-TLS or PEAP authentication failed during SSL handshake
    ACS v4.1
    We have OS Windows 7 Professional and doesn´t have problems with the authentication.
    I hope that you can help me
    Regards

    We were investigated with specialist people of OS Windows and the conclusion was that the Home Premium Version has restrictions about authentication and domain (Active Directory). So we need change the version of OS (Proffessional for example).
    If you had another tip, please tell me and I try it for resolve this issue, if not we have to change the OS.
    Regards

  • WiFi  - WPA - 802.1X - Bug?

    Hi guys,
    sorry for posting this here in the discussion forums, but I don't really know where to do it.
    I think, I just found a bug in the OS X Network Preferences. I tried to login into a WPA secured network. Therefore I had to import a private key file and a certificate. After doing that I had to configure a 802.1X profile. So I did.
    But by clicking on the "Connect"-Button in the Airport preferences, it tried to access my MobileMe certificate and not that, that I imported before. SO it didn't work.
    I had to delete the MobileMe certificates from the KeyChain to make it access the privateKey.
    I was about to post it somewhere directly to Apple but couldn't find the link. Maybe you guys could do that for me?
    Thank you very much.
    Best regards from Viena/Austria
    Kamil

    http://www.apple.com/feedback/

  • Late 2013 rMBP 13" 802.11ac problem

    I've got a brand new 13" Retina MacBook Pro 13" (the 512GB i5 model)...and after a rather strong showing at first, it falls absolutely flat when attempting to connect to the 5GHz side of my wireless router.
    Specifically, this:
      Current Network Information:
    yannnet 5G:
      PHY Mode:          802.11ac
      BSSID:          10:fe:ed:xx:xx:xx
      Channel:          149
      Country Code:          US
      Network Type:          Infrastructure
      Security:          WPA2 Personal
      Signal / Noise:          -56 dBm / -92 dBm
      Transmit Rate:          27
      MCS Index:          1
    As you can see, this isn't a weak signal problem. In fact, I've got multiple other devices (mid-2009 MacBook, 27" 2011 iMac, Nexus 5, iPad third-gen) that connect to that network just fine, whether at 11ac speeds (the Nexus 5, at a full 433 Mbps since it only has one antenna) or at 11n speeds (for all other devices).
    2.4GHz appears to have sporadic issues as well, but it's better than 5GHz. Ethernet via a USB 3.0 adapter seems to work fine.
    I've got Mac OS X 10.9.2 installed. Any idea what's going on here? I've cleared preference plist files etc., and that only seems to help for a minute or two.

    Go ahead an exchange it for a different machine - 95% health is just not acceptable for a new machine.
    Clinton

  • Cisco ACS 5.4 + Anyconnect 3.1 NAM with 802.1x, problem with changing ACS Radius user password

    Dear all,
    Presently, we are testing 802.1x using Cisco ACS 5.4 and Cisco Anyconnect v3.1 as 802.1x supplicant. We have created predefined NAM profiles (with Cisco Profile Editor) and applied as default in on our test machine. We are using PEAP (MsCHAPv2) and ACS local user credentials for authenticating process. We have noticed that, when we try to authenticate the network with predefined profile (network profile has Administrator Network privileges) and Windows user on test machine has no Admin privileges we are not able to change ACS user password (checked "Change password on next login" in the ACS user profile). In the Monitoring and Report View we get Failure Reason "24203 User need to change password"  but no popup window apears in Anyconnect. When we change Windows local user privileges to Admin or create Anyconnect network profile localy (privileges User Network) then, we are able to finish the process.
    Have you ever been facing the problem described above. Is it Anyconnect bug? How can we fix it?
    Best regards,
    Piotr

    If this happens with all machines then if a microsoft guy can look the app logs/privileges. It seems the app is requesting privilege that it is not authorized to and that's why the propmt window fails to appear. If we know what that privilege is we can probably fix it. If that privilege is not even required for smooth work Cisco need probably to fix this behavior.
    I am sorry if I am not able to help but I am not using the anyconnect for production.
    Regards,
    Amjad
    Rating useful replies is more useful than saying "Thank you"

  • WLC 5500 802.1x problems

    So here is the problem that i have.
    I have a WLC 5500 in site A ( let´s say city A too ) with its own set of wlans ( wlan 1 , wlan 2 ... ) that are used to differentiate different types of users ( teachers, students, etc )  using a RADIUS server and a AD for this client and using 802.1x. Everything on site A is working fine.
    Now i´m trying so set an access point in site B ( in city B ) with its own set of wlans ( wlan X, wlan Y ... ) that is also used to differentiate clients, site B as its own DHCP, its own RADIUS and its own AD. I´ve managed to connect the access point to the WLC and set wlans for site B. My problem now is that when a user tries to connect to wlan X and he is suppose to be in wlan Y, he is not forwarded to wlan Y and is left in wlan X. I´ve also configured HREAP.
    Does anyone as any idea why the clients aren't being assigned to the correct wlan??
    I´ve checked in the Radius server and its sending the correct wlan to the user.
    I now that the text is probably a little bit confusing, but i hope that someone can help me.
    Thanks in advanced.

    You are right, it is not supported:
    Note: If the APs are in H-REAP mode and locally switched at the remote site, the dynamic assignment of users to a specific VLAN based on the RADIUS server configuration is not supported. 
    Since you can't do dynamic vlan, why not have two policies, one for teachers and the other for students.  You will need to have then in seperate groups in AD also.  Then filter on the ssid and the AD group, so if students try to access the teachers ssid using their credentials, they get rejected and vice versa.
    I don't know what you mean by connecting two site without h-reap.  The only other way is switching the AP to local mode, which you better have some good bandwidth.
    Scott

  • 802.1x problems with Cat4510E-Sup6L, IOS 12.2.54

    Hi, all.
    I have a very strange problem when turning on 802.1x/MAB on Cisco IOS 12.2.54 running on Cat45xx switches.
    Here is a config sample of a port:
    interface GigabitEthernet9/48
    switchport access vlan xxx
    switchport mode access
    switchport voice vlan yyy
    no logging event link-status
    load-interval 60
    authentication event fail action next-method
    authentication event server dead action authorize vlan xxx
    authentication host-mode multi-domain
    authentication order mab dot1x
    authentication priority dot1x mab
    authentication port-control auto
    mab
    no snmp trap link-status
    dot1x pae authenticator
    dot1x timeout tx-period 10
    flowcontrol receive off
    storm-control broadcast level 5.00
    storm-control action shutdown
    spanning-tree portfast    
    Cisco ACS 5.1 is running as an radius/tacacs appliance in the network.
    Since we have many non-certificate-capable devices, MAB is used first to authenticate these devices, for many
    devices the radius server sends down a specific vlan id for that port.
    All of this works fine !!!!
    Now for the problem:
    Some devices authenticate fine with mab, but after a few minutes these devices stop responding to the network,
    pings are not answered anymore.
    "show authen sessions" for this port shows everything good:
    show authentication sessions int gig9/48
                Interface:  GigabitEthernet9/48
              MAC Address:  000d.1234.5678
               IP Address:  10.aa.bb.cc.dd
                User-Name:  00-0D-12-34-56-78
                   Status:  Authz Success
                   Domain:  DATA
           Oper host mode:  multi-domain
         Oper control dir:  both
            Authorized By:  Authentication Server
              Vlan Policy:  zzz
          Session timeout:  N/A
             Idle timeout:  N/A
        Common Session ID:  0A540423000015FE74510567
          Acct Session ID:  0x00001608
                   Handle:  0x34000609
    Runnable methods list:
           Method   State
           mab      Authc Success
           dot1x    Failed over
    When i shutdown and reenable the interface, show auth sessions changes to:
    show authentication sessions int gig9/48
                Interface:  GigabitEthernet9/48
              MAC Address:  Unknown
               IP Address:  Unknown
                   Status:  Running
                   Domain:  UNKNOWN
           Oper host mode:  multi-domain
         Oper control dir:  both
          Session timeout:  N/A
             Idle timeout:  N/A
        Common Session ID:  0A5404230000160676F62524
          Acct Session ID:  0x00001613
                   Handle:  0x24000610
    Runnable methods list:
           Method   State
           mab      Running
           dot1x    Not run
    After a variable time period (sometimes 2 minutes, sometimes 2 hours) the port learns or sees the
    mac address again, authenticates it and pings start to respond again, but also for a variable time period only
    and the whole thing starts over (pings lost, ......)
    I guess this is a .1x issue, because if I configure the port as a normal switchport (mode access, access vlan "zzz", span portfast),
    the devices show no problems at all, always reachable, no packets lost.
    Did I miss anything ??
    Anyone encountered any similar problems ???

    Hi, I have experiensed a similar problem, I have a C4506 sup 4, with gig interfaces. I have ACS5.1 and if I enable dot1X on a access-port it works fine in multi-host mode but when I switch to multi-domain it stops working, the pc and phone gets an IP address but they are not able to communicate, not even pinging the default GW. Directiy after the switch to multi-domain (from multi-host) the phone and pc works but if i do a shut no shut on the interface it stops working. I have logged a case with TAC and wating for an answer. I run the latest release 12.2(54)
    / Magnus

  • 802.1x problem

    Need a help
    1) We have implementing 802.1x authentication( MAC authentication) for central location,each user need to be authenticate through Laptop/desktop MAC address based on 802.1x. after authenticating user have received IP address from DHCP server.
    2) We are using separate DHCP server in Central location as well as each location which has been implemented in swicth.
    3) For authentication we are using Cisco ACS 4.1 and authentication based on ieee
    4) In central location all user able to authenticate properly through ACS
    5) For remote branches if we are configured 802.1x related configuration user not able to get authenticate and not bale to attach with network.
    6) Central Location and Remote location using class B and Class C network segment. All the swith in remote location work as a transparent bridging.
    Configuration in switch :
    aaa authentication dot1x default group radius
    aaa authorization network default group radius
    aaa session-id common
    system mtu routing 1500
    ip subnet-zero
    ip dhcp excluded-address 192.168.108.1
    ip dhcp excluded-address 192.168.108.1 192.168.108.5
    ip dhcp pool LOCALLAN
    network 192.168.108.0 255.255.255.0
    default-router 192.168.108.1
    dns-server 172.16.25.9 172.16.25.8
    interface FastEthernet0/23
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x timeout tx-period 1
    dot1x reauthentication
    radius-server host 172.16.25.100 auth-port 1645 acct-port 1646 key 7 045802150C2E1D1C5A
    1) We have implementing 802.1x authentication( MAC authentication) for central location,each user need to be authenticate through Laptop/desktop MAC address based on 802.1x. after authenticating user have received IP address from DHCP server.
    2) WE are using separate DHCP server in Central location as well as each location which has been implemented in swicth.
    3) For authentication we are using Cisco ACS 4.1 and authentication based on ieee
    4) In central location all user able to authenticate properly through ACS
    5) For remote branches if we are configured 802.1x related configuration user not able to get authenticate and not bale to attach with network.
    Configuration in switch :
    aaa authentication dot1x default group radius
    aaa authorization network default group radius
    aaa session-id common
    system mtu routing 1500
    ip subnet-zero
    ip dhcp excluded-address 192.168.108.1
    ip dhcp excluded-address 192.168.108.1 192.168.108.5
    ip dhcp pool LOCALLAN
    network 192.168.108.0 255.255.255.0
    default-router 192.168.108.1
    dns-server 172.16.25.9 172.16.25.8
    interface FastEthernet0/23
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x timeout tx-period 1
    dot1x reauthentication
    radius-server host 172.16.25.100 auth-port 1645 acct-port 1646 key 7 045802150C2E1D1C5A
    Switch not able to sending EAPOL packect to ACS and there is not blocking in Firewall for 1645 and 1646 service.
    Could you please help us regarding that problem so that we are able to mitigate the issue.

    Hi Nitin,
    The switch is in a different subnet to the radius server is the switch able to see the radius server ok, can you ping the server from the switch? does your radius server show state as UP when issuing a 'show aaa servers' on the switch?
    The client (supplicant) EAPOL frames will only travel as far as the switch (authenticator), after this the switch sends radius information to ACS (authentication server). If you make sure you can see the radius server from the switch try debugging radius on the switch to see what information it's sending and receiving.
    HTH
    Howard
    Howard Hooper CCIE 23470
    CCNP CCNA CCDA
    MCP CWSE

  • IMac G5 Airport Extreme Card WEP/WPA Security connection Problem

    I have an iMac G5 (non Intel) and a wireless Belkin 801.g MIMO router. When I have no security setup on the router (ie straight out of the box)then the Airport Express card connects to the network without problems. As soon as I set either WEP or WPA or WPA2 security on the router and input the correct settings in the Airport configuration in system preferences the card sees the Network but will not connect. I simply get the message "error connecting to network". I have a Windows based laptop with built in wireless card and this has no problems at all connecting to the secured network, whether it is WEP or WPA or WPA2. Does anyone have any thoughts or ideas please?

    I have the same problem with my new black MacBook and a Netgear router. I can connect to the 'free' networks all around me, my Airport Extreme card sees the wi-fi network in my home that I want to connect to, and my old iBook with its lowly Airport card connected (and still does) with no problem using the '40-bit hex' option when entering the password. But now all of a sudden there are just 'errors' when I try to connect (having tried all the various options, and two different types of passwords or keys as provided by the network administrator). Oh yeah, and of course Apple Support won't help because they don't want to know about problems relating to third-party technology... We can't be the only ones with this problem!
    MacBook   Mac OS X (10.4.9)  
    MacBook   Mac OS X (10.4.9)  

  • E72 WPA PSK handshake problem

    Hi,
    my company has bought a couple of E72's.
    I'm trying desperatly to get them to connect to our WLAN network, which is encrypted using WPA/WPA2 with a PSK. Every other device will just work fine, but the E72 is timing out while connecting giving an error  "bad WPA key". We did a trace on our WLAN equipment, which tells us that the E72 is never responding to the 3rd request of the 4-way handshake.
    I have the latest FW (052.005.C00.01)
    Can I get any detailed logs from the phone; did anyone experience similar problems ?
    Here's the trace from the AP:
    DOT1X Dec  7 16:46:04.892650 DEBUG DOT1X-CLIENT: (177) retransmit packet to 3c:f7:2a:3a:5a:f2
    DOT1X Dec  7 16:46:06.892773 DEBUG DOT1X-TIMEOUT: (177) retransmit (number 3) to 3c:f7:2a:3a:5a:f2
    DOT1X Dec  7 16:46:06.892791 DEBUG DOT1X-CLIENT: excessive retransmits, deleting client from 3c:f7:2a:3a:5a:f2
    DOT1X Dec  7 16:46:06.892808 WARNING DOT1X_AAA_ERR: Excessive retransmits; client: 3c:f7:2a:3a:5a:f2; mac: 3c:f7:2a:3a:5a:f2; ssid: test; AP 4/1
    DOT1X Dec  7 16:46:06.892926 DEBUG DOT1X-CLIENT: cleaning up client from 3c:f7:2a:3a:5a:f2
    Cheers,
    Bob

    Have you tried connecting to the access point with WPA disabled? Or any open access point for that matter.
    You could try to explicitly add pairwise=TKIP to your wpa_supplicant.conf, just to be sure, although it shouldn't matter. That is the only difference I see compared to mine which works for me. Otherwise it might help if you post your network profile or rc.conf.

Maybe you are looking for