The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server – NPS Radius Aruba

Recently a customers Aruba Wireless System was denying its wireless clients access.

A look at the logs showed Authentication failure. The Authentication was set to Radius.

A look on the radius server showed the failure reason ( 6275 ) as

The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server tls 1.0

Usually this is due to Cert expiry , however this was fine : 

Looking in the System Log and I found : 

A fatal error occurred while creating an SSL server credential. The internal error state is 10013.

This is because TLS1.0 has been disabled ( HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server\Enabled = 0 ) on a Server 2012 Server

The fix is to create Dword “TlsVersion” in the below with Value c00 for TLS 1.2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\13

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\25

Restart Extensible Authentication Protocol service when done

GD Star Rating
loading...
GD Star Rating
loading...
The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server - NPS Radius Aruba, 10.0 out of 10 based on 2 ratings

Tags: 1.0, 1.1, 1.2, A fatal error occurred while creating an SSL server credential. The internal error state is 10013., aruba, The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server tls 1.0, TLS

Trackback from your site.