EAP-FAST Cisco Controller Local Authentication PAC File

Article ID: 01706270



Topic or Information

EAP-FAST connect failure with Cisco Controller

Cisco has recognized a bug in their firmware that prevents a successful connection if the client is not using autoprovisioning. If you are seeing the symptom below, the suggestion is to contact Cisco.

Applies To

Cisco Wireless Controller firmware version


CSCso50723 Bug Details EAP-FAST on controller RADIUS server fails once PAC is on client Symptom:

When using the controller's local RADIUS server for EAP-FAST authentications, authentication may fail if your client already has a PAC for the controller you are authenticating to.


When the client does not have a PAC, EAP-FAST auto provisioning will ask you to accept a PAC from the local RADIUS server, authentication will then pass, the next time you try to authentication to that same RADIUS server and your client still has a valid PAC from that RADIUS server, authentications will fail