Decoupled accounting

Devinder Singh devinbhullar at gmail.com
Tue Aug 4 10:07:20 CEST 2009 

HI Ivan

Thanks. Yes i have double click on the ca.der file and client.p12 both
were installed successfuly.

I also manaed to set up my SSID palstaff and when i click on the SSID
i see a pop up windows on my wireles LAN  asking for my username on
certificate and i selected

devinder at palettemm.com from the combo drop down list and click OK

when i click OK  radius reports the following error

TLS Alert write:fatal:unknown CA
    TLS_accept:error in SSLv3 read client certificate B
rlm_eap: SSL error error:140890B2:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
SSL: SSL_read failed in a system call (-1), TLS session fails.
TLS receive handshake failed during operation
[tls] eaptls_process returned 4
[eap] Handler failed in EAP/tls
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> devinder at palettemm.com
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 6 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 6
Sending Access-Reject of id 133 to 203.121.4.59 port 6001
        EAP-Message = 0x040a0004
        Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.6 seconds.
Cleaning up request 0 ID 127 with timestamp +18
Cleaning up request 1 ID 128 with timestamp +18
Cleaning up request 2 ID 129 with timestamp +18
Cleaning up request 3 ID 130 with timestamp +18
Cleaning up request 4 ID 131 with timestamp +18
Waking up in 0.2 seconds.
Cleaning up request 5 ID 132 with timestamp +18
Waking up in 1.0 seconds.
Cleaning up request 6 ID 133 with timestamp +19
Ready to process requests.







2009/8/4 Ivan Kalik <tnt at kalik.net>:
>> I mnaged to follow the steps in /etc/raddb/certs/README
>>
>> and copied ca.der and client.p12 to XP machine
>
> It looks like you have copied them but not installed them in the
> certificate store. Double-click the certificates and install them first.
>
> Ivan Kalik
> Kalik Informatika ISP
>
>



-- 
Devinder

More information about the Freeradius-Users mailing list