EAP-TLS certificate problem
Phil Mayers
p.mayers at imperial.ac.uk
Tue Feb 19 12:06:07 CET 2013
On 19/02/13 09:11, Muhammad Nadeem wrote:
> Hi, everybody
> I have used pre-shipped certificates of Freeradius for testing
> purpose. This testing was succeed with a test user 'bob', with files
> authentication.
> Now in the next step I wanna authenticate a user from my Database with
> Digital certificates. When i authenticate the user, server side
> confirm and send "Access-Accept" packet, but at client, following
> error occurs.
> " No Message-Authenticator attribute found
> Incoming RADIUS packet did not have correct Message-Authenticator - dropped
> STA 02:00:00:00:00:01: No RADIUS RX handler found (type=0 code=2 id=0)
> - dropping packet"
>
> I googled this problem and found a solution that the user Auth-type is
> set to Accept (I manually checked the user in Database , and its
> Auth-Type was Accept) and this type prevent further process.
Yes
> Now my question is that , could I continue EAP-TLS authentication,
> regardless of Auth-Type is set to Accept???
No. Don't set Auth-Type unless you know what you're doing.
More information about the Freeradius-Users
mailing list