Proxy to realm after eap-ttls authantication

Mesut Ozturk mesut at nevotek.com
Tue Nov 24 20:32:54 CET 2020 

Hi Alan,

Thanks for the reply.

> Where did you get the *server* certificate from?

I got it from GlobalSign site. https://support.globalsign.com/ca-certificates/root-certificates/trusted-root-intermediate-certificates

And used for both Android clients and freeradius.

>But... that debug output doesn't show anything useful.  Why post *part* of the debug output, when you can post *all* of it?

>If you don't know how to read the debug output, there's documentation for that:  http://wiki.freeradius.org/radius-X

I am debuging with "freeradius -X" command. Am i doing wrong ? Also when i tried with IOS device that was the only output. it occured 3 times and i shared one of them.

What i notices IOS trying Access Challange to wrong ip. this ip is not the one which i configured for proxy-inner-tunnel
>(2) Sent Access-Challenge Id 228 from 10.0.0.4:1812 to 213.74.143.148:49579 length 0

Still dont understand. I am using same controller(Cisco WLC), same SSID and same radius server(freeradius) but android clients cant complete EAP and says unknown CA, IOS devices can complete EAP part but cant start access challange part.

Please help me, i am confused and lost in forums.

Regards.




[http://www.nevotek.com/nevotekmail/logo.png]   Mesut Ozturk
R&D Senior Developer
P: +902122867576        E:  mesut at nevotek.com
F: +902122867476        W: www.nevotek.com
[http://www.nevotek.com/nevotekmail/maps-icon.png] Santa Clara-CA, USA<https://www.google.com/maps/place/5201+Great+America+Pkwy+%23320,+Santa+Clara,+CA+95054,+USA/@37.4063062,-121.978682,923m/data=!3m2!1e3!4b1!4m5!3m4!1s0x808fc9cc6fc08be1:0xa189e7ab47ebcdc!8m2!3d37.4063062!4d-121.9764933?hl=en>   [http://www.nevotek.com/nevotekmail/maps-icon.png]  Istanbul, TURKEY<https://www.google.com/maps/search/teknokent,+Istanbul,+Turkey/@41.106333,29.015257,876m/data=!3m1!1e3?hl=en>   [http://www.nevotek.com/nevotekmail/maps-icon.png]  Dubai, UAE<https://www.google.com/maps/place/Internet+City,+Building+%2314+-+Dubai+-+United+Arab+Emirates/@25.0984488,55.1609574,1052m/data=!3m2!1e3!4b1!4m13!1m7!3m6!1s0x3e5f6b696d88a9ab:0x6d495147845cd0f1!2sInternet+City,+Building+%2314+-+Dubai+-+United+Arab+Emirates!3b1!8m2!3d25.0983618!4d55.1631953!3m4!1s0x3e5f6b696d88a9ab:0x6d495147845cd0f1!8m2!3d25.0983618!4d55.1631953?hl=en>

[www.nevotek.com]<www.nevotek.com>

More information about the Freeradius-Users mailing list