Cisco Bug: CSCtb40464 - 1410 non-root does not send Radius NAK with access-challenge for EAP-MD5
Feb 22, 2014
- Cisco Aironet 1400 Series
- Cisco Aironet 1310 Access Point/Bridge
- Cisco Aironet 1400 Wireless Bridge
Known Affected Releases
Symptom: 1410 non-root does not send Radius NAK with access-challenge for EAP-MD5. Conditions: Non-root 1410 authenticating with LEAP does not send a Radius NAK when the first access-challenge from the Radius server contains EAP-MD5. The non-root should send another access-request by specifying that LEAP should be used. Instead, it accepts the EAP-MD5 and sends the LEAP credentials for which it is configured. After this the Radius server sends an EAP-MD5 access-accept since the credentials are correct and the EAP authentication method agreed was EAP-MD5 (there was no NAK sent). However, when receiving the EAP-MD5 success, the non-root is of course not validating the encryption and so failing the association.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases