Recently a customers Aruba Wireless System was denying its wireless clients access.

A look at the logs showed Authentication failure. The Authentication was set to Radius.

A look on the radius server showed the failure reason ( 6275 ) as

The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server tls 1.0

Usually this is due to Cert expiry , however this was fine : 

Looking in the System Log and I found : 

A fatal error occurred while creating an SSL server credential. The internal error state is 10013.

This is because TLS1.0 has been disabled ( HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server\Enabled = 0 ) on a Server 2012 Server

The fix is to create Dword “TlsVersion” in the below with Value c00 for TLS 1.2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\13

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\25

Restart Extensible Authentication Protocol service when done