rlm_eap_tls: No SSL info available. Waiting for more SSL data

Alan DeKok aland at deployingradius.com
Mon Feb 12 14:27:43 CET 2007


Norbert Wegener wrote:
> Is there anything I can do on the freeradius side to prove,
> that the  voip phone's 802.1x implementation is broken?

  Well, FreeRADIUS works with every *other* 802.1x client out there,
including Vista.  This means MAC OSX, all versions of Windows, Linux,
FreeBSD, NetBSD, Solaris, etc.

> Up to now I could not convince the vendor's salesperson, that there is a 
> problem with his phone.

  Point him at the survey page on the FreeRADIUS web site.  Ask him if
he's going to intentionally sell a product that doesn't work with the #1
RADIUS server on the planet.  Ask him why his phone won't work with 1/3
or more of the installed RADIUS server market.  Ask him why he doesn't
want his phone to work with for major telecom companies.  Ask him why
there are customers with 10-million users that he's ignoring.

  The problem is likely that the server *could* send more data at a
certain point, and instead just sends an "ack".  If the client just
sends an "ack" back (like everyone else does), then the server sends
more data.

  His phone, on the other hand, expects to see data.  Rather than
sending an "ack", which means "please give me more data", it just dies.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog



More information about the Freeradius-Users mailing list