TTLS and TLS

Wolfgang Burger burgerw at immunbio.mpg.de
Wed Mar 5 16:43:21 CET 2008


Am 05.03.2008 um 16:35 schrieb Wolfgang Burger:

> Hi again,

Hi stupid me,
>
> The Client does'nt send the certificate.
> My wild speculation, which is a pure guess of a newbie:
> Is the Client in some sort of "TTLS-Mode", where he can't send a 
> client-certificate, because
>    Sending Access-Challenge of id 183 to 192.168.1.24 port 1104
>    EAP-Message = 0x011000061520
> tells him to do TTLS (Type 0x15)?
>
Of course the server demands TTLS. You told him to do so in eap.conf.
Fix that.

> And how do I tell the server, that a valid certificate is not enough 
> to get in?
> In the first log-file, you see that the client can disable ttls and 
> still is accepted.
>

Here I cant help you. Maybe someone else?

> Thank you very much for any hint.
>

Cheers, no problem mate.

> Regards
>   Wolfgang Burger
>
Regards
    Wolfgang Burger




More information about the Freeradius-Users mailing list