Matteo Lazzarini wrote:
Matteo Lazzarini wrote:
I am continuing to make various tests but I do not resolve the problem… nobody has ideas/help? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
I don't know (never tried, no opportunity) how WEP, client PC and AAA server deal out the WLAN secrets, but from my logfiles using PPP as NAS on both sides it still looks like what Stefan Winter said: We have too large EAP packets, an incoming request containing the TLS Client Hello, Certificates, Cipherlist etc, and Radius replies with a similar long one containing the TLS Server Hello, Certificates, Cipherlist, etc, and the TLS request for a key exchange, I'd guess. From then on, either the XP client or the DLINK AP just choked. Thus, I'd recommend to look now more on the client side: 1) Event/Security/... logs in XP 2) Logging on the AP? There must be means to get some status/syslog messages/whatever from the device, isn't it? 3) Use Ethereal/WinPCAP on the XP client and do a capture of the WLAN interface. Verrry nice, it's even able to dissect all the TLS handshake conversation (to make sure that the right certificates are exchanged) and, if used to sniff on the RADIUS port, can also combine the EAP message fragments in the RADIUS attributes. OTOH, the french guideline is a little old by now, so I'd consider installing a super-recent version of openssl as rather harmful than necessary. Ciao, Michael