EAP-FAST is failing on FreeRadius3
Alan DeKok
aland at deployingradius.com
Fri Dec 8 13:21:31 CET 2017
On Dec 8, 2017, at 5:54 AM, Smita Selot <SSelot at ixiacom.com> wrote:
>
> I am running FreeRadius3.0.15 on ubuntu16.04 and testing EAP-FAST right now. I made these modifications:
>
> - uncommented section “fast” in mods-available/eap file:
> - cipher_list = “ALL:!EXPORT:!eNULL:!SSLv2”
> - disable_tlsv1_2 = yes
>
> Is there something else that I need to configure?
>
> The wireshark captures show “Ignored Unknown Record” error at the time of TLS Accept. FreeRadius debugs also show some error in TLS Accept.
The error is:
eap_fast: EAP-FAST TLV 9 is longer than room remaining in the packet (18 > 14).
> What am I missing?
Use an EAP client that implements EAP correctly.
Also try the v3.0.x branch from github. We've put some more debug / fixes into EAP-FAST.
Alan DeKok.
More information about the Freeradius-Users
mailing list