Yealink Forums

Full Version: 802.1x Certificate for PEAP
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
We have a number of T46G phones, firmware version 28.72.0.45, that we are trying to enable for 802.1x network authentication. The radius server is Windows 2008 R2, as is our certificate CA.

Our switch config, connection policies, accounts and certificates work for OSX, Ubuntu Linux, Windows 7/8, iOs, and Android devices...but no matter what I try I can't seem to get the Yealink's to authenticate. The NPS server event log shows the client logon failure, with error 23, indicating the PEAP encountered an issue. Pulling a PCAP from the phone shows alerts in the conversation, each of which end with "Level: Fatal, Description: Decrypt Error".

I've tried exporting our root cert in every way I'm aware of, but can't get it to work. Has anyone successfully deployed 802.1x on this model?

Thanks!
Hello,

Have you uploaded the server CA to phone?
If not, please disable the option "Only Accept Trusted Certificates" under Security-> Trusted Certificate and try again.

Regards,
James
Reference URL's