[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
T46g & T48G RADIUS 802.1x and SHA256
Author Message
dgcorp Offline
Junior Member
**

Posts: 4
Joined: Aug 2015
Reputation: 0
Post: #12
RE: T46g & T48G RADIUS 802.1x and SHA256
- Can Yealink acknowledge that there is a problem with 802.1x PEAP-MSCHAPv2 on the more recent ROMs and is anything being done to fix this?


I just found this forum thread and wanted to say that I'm seeing the same problems as Bigmac.

We are preparing to enable 802.1x across our wired network.
Planned 802.1x Auth Method = PEAP/MSCHAPv2
Switches are HP / Aruba
RADIUS is Win2012R2 Network Policy Server
CA Root is Win2012R2 Certificate Services.
Root Cert is Base64 PEM encoded (file ends in .cer) using SHA1 (not SHA256 I don't think)

Yealink T46 with ROM: 28.80.0.136 (provisioned by our supplier Teliqo)


I spent yesterday unable to get my test T46G phone to connect but it was just failing repeatedly, no matter what I adjusted in the RADIUS settings.

RADIUS logs error:
"Terminate Cause: Unexpected error. Possible error in server or client configuration." (most unhelpful I know)

Windows Security Log EventID 6273:
Reason Code: 23
Reason: An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.

Windows System Log EventID 36887: (around the same time)
"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 46."

-

I was starting to pull my hair out, until I thought to try an older ROM. Here are my results:
28.72.23.6 = PEAP works
28.80.0.95 = PEAP works
28.80.0.136 = does NOT work
28.81.0.25 = does NOT work

I saw a similar PCAP network trace as I think Bigmac posted, but I haven't analysed it in great detail.


Regards, Derek
-
02-13-2017 10:00 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Messages In This Thread
RE: T46g & T48G RADIUS 802.1x and SHA256 - dgcorp - 02-13-2017 10:00 PM

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Best way to manage line keys on multiple T48G/S sani390 0 3,421 07-01-2021 02:06 PM
Last Post: sani390
  Change standard outgoing line on T46G oestersund 1 6,491 12-15-2018 09:58 PM
Last Post: support2
  Call Park Mode transfer on T48G jasonblewis 2 10,916 11-09-2017 01:26 AM
Last Post: Aishion_Yealink
  T48G not connecting to Skype Lisa H 0 4,518 10-16-2017 03:17 AM
Last Post: Lisa H
  can't setup openvpn with t48g zzz 8 24,098 07-18-2017 09:04 AM
Last Post: sj
  T46G: How to deactivate Live Dialpad totally? Werner1959 6 16,358 03-05-2017 08:21 PM
Last Post: Werner1959
  T48G - busy tone for a second incomming call Dirk 8 19,783 01-17-2017 05:36 PM
Last Post: complex1
  T46G with exp40 Paulo Batista 2 8,963 11-06-2016 01:57 AM
Last Post: CWR
  T46G eaches only incoming calls, no outgoing calls Ddorf 2 8,249 10-27-2016 12:46 AM
Last Post: anonymous1711612242218
  T46G Hostname not registering on DHCP fraukas 2 12,565 10-27-2016 12:34 AM
Last Post: anonymous1711612242218

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication