<div dir="ltr"><div style="font-family:arial,sans-serif;font-size:13px">Hi,</div><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">I've got a Windows 7 machine attempting to connect to FreeRADIUS 2.2.0. EAP-TLS with a client certificate works fine, but with PEAP/EAP-TLS it doesn't.</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">Is there anything I'm missing? The problem appears to be that the client doesn't send over the client cert. I know Windows is very fussy with what it accepts as a cert for EAP-TLS, but I'm confused as to why it works for one and not the other.</div>
<div style="font-family:arial,sans-serif;font-size:13px"><div><br></div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] Length Included</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] eaptls_verify returned 11</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] (other): before/accept initialization</div>
<div>Mon Sep 16 12:56:55 2013 : Info: [tls] TLS_accept: before/accept initialization</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] <<< TLS 1.0 Handshake [length 005a], ClientHello</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] TLS_accept: SSLv3 read client hello A</div>
<div>Mon Sep 16 12:56:55 2013 : Info: [tls] >>> TLS 1.0 Handshake [length 0031], ServerHello</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] TLS_accept: SSLv3 write server hello A</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] >>> TLS 1.0 Handshake [length 053e], Certificate</div>
<div>Mon Sep 16 12:56:55 2013 : Info: [tls] TLS_accept: SSLv3 write certificate A</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] >>> TLS 1.0 Handshake [length 000d], CertificateRequest</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] TLS_accept: SSLv3 write certificate request A</div>
<div>Mon Sep 16 12:56:55 2013 : Info: [tls] TLS_accept: SSLv3 flush data</div><div>Mon Sep 16 12:56:55 2013 : Info: [tls] TLS_accept: Need to read more data: SSLv3 read client certificate A</div><div>Mon Sep 16 12:56:55 2013 : Debug: In SSL Handshake Phase</div>
</div><div style="font-family:arial,sans-serif;font-size:13px">...</div><div style="font-family:arial,sans-serif;font-size:13px"><div>Mon Sep 16 12:57:00 2013 : Debug: WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!<br>
</div><div>Mon Sep 16 12:57:00 2013 : Debug: WARNING: !! EAP session for state 0x7c569f3d755a860c did not finish!</div><div>Mon Sep 16 12:57:00 2013 : Debug: WARNING: !! Please read <a href="http://wiki.freeradius.org/Certificate_Compatibility" target="_blank">http://wiki.freeradius.org/Certificate_Compatibility</a></div>
<div>Mon Sep 16 12:57:00 2013 : Debug: WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!</div><div>Mon Sep 16 12:57:00 2013 : Info: Ready to process requests.</div></div><div style="font-family:arial,sans-serif;font-size:13px">
<br></div><div style="font-family:arial,sans-serif;font-size:13px">radius.log: <span style="font-family:arial;font-size:small"><a href="http://pastebin.com/9fBdxfYt">http://pastebin.com/9fBdxfYt</a></span></div><div>eap.conf: <a href="http://pastebin.com/7dL69pmQ">http://pastebin.com/7dL69pmQ</a><br>
</div><div>inner-tunnel: <a href="http://pastebin.com/BGzJSKz0">http://pastebin.com/BGzJSKz0</a></div><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">
Thanks,</div><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">John.</div><div class="" style="font-family:arial,sans-serif;font-size:13px"><div id=":1nq" class="" tabindex="0">
<img class="" src="https://mail.google.com/mail/u/1/images/cleardot.gif"></div></div><div><br></div>-- <br>John Carter<br>Identity Networks<br><a href="mailto:jcarter@identitynetworks.com" target="_blank">jcarter@identitynetworks.com</a><div>
<div><a>skype:jcartermeru</a></div></div>
</div>