Hi, I upgraded an internal freeradius server (Linux, Debian unstable, libssl 0.9.8) used for EAP-TLS (802.11 WPA2 access) from 2.0.5 to 2.1.3. With 2.1.3, client authentication fails in the following way (wpasupplicant on Debian unstable, working with 2.0.5): - the TLS exchange is completed from freeradius point of view. It even sends the Access-Accept message to the NAS. - from the clients point of view, the TLS exchange is not over, it expects some more data from the server which are never sent. I took two pcap traces (sent to you privately, Alan), one with 2.0.5, one with 2.1.3. It looks like the TLS Change Cipher and TLS Tinished elements of the TLS exchange are not in the EAP encapsulated TLS packets sent by the server. Compare packet #23 of 2.1.3 trace with packet #27 of 2.0.5 trace. If you use wireshark, you will notice that the SSL layer is dissected; this is because #27 has a small brother: #29. It is not sent by 2.1.3. Alan, if you have an idea or a patch, I can test it on monday. Cheers, a+