When a client attempts to authenticate to an access point with the RADIUS server, the
server returns the error message “Invalid message authenticator in EAP request.” Which
action can you take to correct the problem?
A.
Add the user profile to ACS.
B.
Synchronize the shared password between AP and ACS.
C.
Configure the required privileges for the authentication service.
D.
Enable the external database account.
Explanation:
Verify that shared secret passwords are synchronized between the access point and the
authentication server. Otherwise, you can receive this error message:
Invalid message authenticator in EAP request
From the CLI, check the line radius-server host x.x.x.x auth-port x acct-port x key
<shared_secret>.
From the GUI, on the Server Manager page, re-enter the shared secret for the
appropriate server in the box labelled “Shared Secret.”
The shared secret entry for the access point on the RADIUS server must contain the
same shared secret password as those previously mentioned.
http://www.cisco.com/c/en/us/support/docs/wireless/aironet-1100-
series/44844-leapserver.html