EAP doest work with Cisco Catalyst 2950?

Phil Mayers p.mayers at imperial.ac.uk
Wed Jul 26 10:55:25 CEST 2006


Thai Duong wrote:
> I can be sure the client certificate has the Enhanced
> Key Usage showing Client Authentication
> (1.3.6.1.5.5.7.3.2). I have no way to verify whether
> the server certificate contains proper OID but here is

openssl x509 -noout -text -in theserver.crt

...will show things like:

             X509v3 Key Usage:
             Digital Signature, Key Encipherment
             X509v3 Extended Key Usage:
             TLS Web Server Authentication

...the latter being the one you're looking for.

As Alan says, it's almost certainly oids, but regardless the problem is 
not at the FreeRadius side - you should look to the debugging on the 
cisco switch and/or the windows client ("netsh * set tracing on" and 
logfiles somewhere under c:\windows)



More information about the Freeradius-Users mailing list