Hello,
I have EAP-TLS authentication problems with the VoWLAN Handset Siemens optiPoint WL 2 S.
This is the Log entry after a failed authentication attempt:
Reason Code: 66
Reason: The user attempted to use an authentication method that is not enabled on the matching network policy.
The authentication only works if I check "Allow clients to connect without negotiating an authentication method"!
What is the impact of this option, and what does it do, especially when using EAP-TLS? Does it mean that the client certificate or the server certificate or both won't be verified?
I sniffed on the air and I noticed that the packets from the VoWLAN Handset are encrypted, so the key material for WPA2 is negotiated. Also, I tried to connect with a certificate issued by an unknown CA, and access was denied.
I'm searching for a detailed explanation.
Regards,
Tobias Hachmer