On Oct 24, 2023, at 4:03 PM, thomas@habets.se wrote:
The debug output with 3.0.17 mentioned ignoring some TLS 1.3. On the Android side I could only choose minimum, not maximum, TLS version. I'd tried setting min and max version on the FreeRadius side, but it did not help.
That was an issue with older versions. It would allow newer versions of TLS, but because there was no standard, it wouldn't work. That's now been fixed. RFC9190 now says "don't automatically use a new version of TLS". That took a bit of effort to get it, but it's there,
Upgrade. If it works, move on to something else.
Yup, no need to run older versions just because it's the one packaged with the distribution.
http://packages.networkradius.com Up-to-date packages for just about everything. Supported packages from the FreeRADIUS people, because most OS vendors are happy to ship 5 year-old software. Aln DeKok.