Skip navigation
Login   |   Register
Cisco Learning Home > CCNP Security Study Group > Discussions
612 Views 1 Reply Latest reply: Apr 10, 2012 12:34 AM by Fabio - FW specialist RSS

Currently Being Moderated

What does a failed EAP/RADIUS Authentication look like in wireshark?

Apr 9, 2012 2:01 PM

Tom 68 posts since
Nov 23, 2010

Hi guys,


Im trying out some 802.1x stuff on a rented rack. I havent been able to get it to work yet so i thought i would start with something simple like EAP-MD5 since that doesnt involve using certificates. The client i am using is an XP SP2 machine with the native supplicant, it asks me for credentials at which point i enter a username and password (same as configured on the user profile on the acs server). I see the EAP identity response packet get sent and then on the ACS machine i see a radius packet coming from the switch.


The problem is all i get back from the ACS server is ICMP destination port unreachable packets. It says icmp but it also has the radius info in the packet body. So is this what an EAP/RADIUS auth failure generates? The annoying thing is that the failed auth log file in ACS doesnt have any entries.


Anyone have any ideas?




More Like This

  • Retrieving data ...

Bookmarked By (0)