EAP-session did no finish! (Linux)
Alberto Martínez
alberto_martinez at deusto.es
Tue Jan 17 12:11:09 CET 2012
Hello Alan.
"Almost" means the difference between passwords, directories and such. I
suspected of the certificate and worked on it, but the error is still there.
....
[eap] EAP packet type response id 1 length 23
[eap] No EAP Start, assuming it's an on-going EAP conversation << It should
be a start, since it's the first message to arrive
++[eap] returns updated
.
.
.
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 80 to 192.168.250.250 port 38895
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x6f3ad5846f38cc2e96bfe99ed117c159
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.250.250 port 38895,
id=80, length=264
Sending duplicate reply to client eduroam port 38895 - ID: 80
Sending Access-Challenge of id 80 to 192.168.250.250 port 38895
Waking up in 1.0 seconds.
Cleaning up request 0 ID 80 with timestamp +11
WARNING:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0x6f3ad5846f38cc2e did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
WARNING:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Ready to process requests.
So it never establishes an EAP-TLS to begin with.
CA & certificates script: http://pastebin.com/tP1cH2Zx
2012/1/17 Alan DeKok <aland at deployingradius.com>
> Alberto Martínez wrote:
> > Now I'm stuck with this known error:
> > WARNING:
> > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> > WARNING: !! EAP session for state 0xcb306879cb32715a did not finish!
> > WARNING: !! Please read
> http://wiki.freeradius.org/Certificate_Compatibility
> > WARNING:
> > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>
> Well... that message is pretty clear.
>
> > while trying to authenticate from Windows *and Linux*. I can't find the
> > problem, since the configuration is almost identical to the working one.
>
> *ALMOST* ???
>
> Perhaps that difference is causing the problem.
>
> It would seem to be a reasonable (and rational) assumption.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
--
Alberto Martínez Setién
Servicio Informático
Universidad de Deusto
Avda. de las Universidades, 24
48007 - Bilbao (SPAIN)
Phone: +34 - 94 413 90 00 Ext 2684
Fax: +34 - 94 413 91 01
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120117/85bc9213/attachment.html>
More information about the Freeradius-Users
mailing list