EAP/TLS and XP client

[ksochack]

Hi,

I configured a freeRADIUS(RH-FC4) server to authenticate Proxim AP700
clients via eap/tls. The radius server processes the authentication request
and challenges however in the logs I don't see 'access-accepted' messages
(see detailauth log below).  The AP monitor shows a number of request and
challenges but none accepted or rejected, I can get rejected if I point to
the wrong cert on the server or change the shared  secret.

The problem is the client never gets connected to AP to grab a IP address
after authentication.

Any help would be greatly appreciated.


TIA,
Kevin Sochacki

Detailauth log excert:

Packet-Type = Access-Request
Mon Jul 18 13:37:14 2005
        User-Name = "RadiusIS-X01.frsd.k12.nj.us"
        NAS-IP-Address = 10.10.10.89
        Called-Station-Id = "00-20-a6-58-ec-4c:RFLTC8-AP"
        Calling-Station-Id = "00-90-4b-2c-ed-88"
        NAS-Identifier = "RFLTC8-AP"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x021200200152616469757349532d5830312e667273642e6b31322e6e6a2e7573
        Message-Authenticator = 0x2dc2f241788db9a17495d302732c41d7
        Client-IP-Address = 10.10.10.89

Packet-Type = Access-Request
Mon Jul 18 13:37:15 2005
        User-Name = "RadiusIS-X01.frsd.k12.nj.us"
        NAS-IP-Address = 10.10.10.89
        Called-Station-Id = "00-20-a6-58-ec-4c:RFLTC8-AP"
        Calling-Station-Id = "00-90-4b-2c-ed-88"
        NAS-Identifier = "RFLTC8-AP"
        State = 0x161f68d6d1793490de3cdbb9dadab669
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x021300500d800000004616030100410100003d030142dbe8cb6e242a151a510a83d4d4a61d
3672f6685afe6b0b2b92f1484e8f2ce700001600040005000a00090064006200030006001300
1200630100
        Message-Authenticator = 0x18a80f1d01826f6bf20ed7afa13b5a4b
        Client-IP-Address = 10.10.10.89

Packet-Type = Access-Request
Mon Jul 18 13:37:15 2005
        User-Name = "RadiusIS-X01.frsd.k12.nj.us"
        NAS-IP-Address = 10.10.10.89
        Called-Station-Id = "00-20-a6-58-ec-4c:RFLTC8-AP"
        Calling-Station-Id = "00-90-4b-2c-ed-88"
        NAS-Identifier = "RFLTC8-AP"
        State = 0x36ee47bde8d663c9102fa6cb7c84532c
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x021400060d00
        Message-Authenticator = 0xe69c50763abab6320cc27ebc402c3644
        Client-IP-Address = 10.10.10.89