Matteo Lazzarini wrote:
Thus, I'd recommend to look now more on the client side: 1) Event/Security/... logs in XP 2) Logging on the AP? There must be means to get some status/syslog messages/whatever from the device, isn't it? 3) Use Ethereal/WinPCAP on the XP client and do a capture of the WLAN interface. Verrry nice, it's even able to dissect all the TLS handshake conversation (to make sure that the right certificates are exchanged) and, if used to sniff on the RADIUS port, can also combine the EAP message fragments in the RADIUS attributes.
OTOH, the french guideline is a little old by now, so I'd consider installing a super-recent version of openssl as rather harmful than necessary.
Thanks I will make as you have said… I try to make an analysis of what turns in the WLAN!
Another idea would be to reduced&uncomment the fragment_size in eap.conf from 1024 (default) to, say, 700-800. This will change the output of the log file, as more RADIUS request and challenges are required. Unlikely that this is the reason, but still worth a try.
Freeradius I have installed last version available (1.1.2 that it seems to work!) but I know that there is also an August version SNAPSHOT but to me it has given problems in compile and did not install me module EAP-TLS (bug Debian). The lib I have installed to them with the command apt-get install openssl libssl-dev and this is the command dphg - l|grep SSL
I'm also using 0.9.7g. You can check which openssl libs a running freeradius process is using by looking at /proc/<pid of radiusd>/maps. Good Luck, Michael