Hi all ! After installing Freeradius 1.1.4, I am trying to set it up to authenticate users with a LDAP database using PEAP + eap/mschapv2. Freeradius seems to work fine for most users, but for a few people I get this error in my log file : /Mon Feb 19 09:30:07 2007 : Info: rlm_eap_tls: Length Included Mon Feb 19 09:30:07 2007 : Error: TLS_accept:error in SSLv3 read client certificate A Mon Feb 19 09:30:07 2007 : Error: rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0) Mon Feb 19 09:30:07 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message Mon Feb 19 09:30:07 2007 : Info: rlm_eap_tls: Length Included Mon Feb 19 09:30:07 2007 : Info: (other): SSL negotiation finished successfully Mon Feb 19 09:30:07 2007 : Error: rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0) Mon Feb 19 09:30:07 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message Mon Feb 19 09:30:07 2007 : Info: rlm_eap_mschapv2: Issuing Challenge Mon Feb 19 09:30:08 2007 : Error: rlm_mschap: Invalid LM-Password Mon Feb 19 09:30:08 2007 : Error: rlm_mschap: Invalid NT-Password Mon Feb 19 09:30:08 2007 : Auth: Login incorrect: [********] /Authentication works perfectly with the same config files (eap.conf, radiusd.conf,users...) with an older version (1.0.1 and even 1.1.3) of freeradius on the same server. I've made tests with EAP-TTLS, and in that case authentication also works fine for everyone. In both cases, I get this line when I run freeradius in debug mode : /rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. /And I can't find if there's a link between that warning and the authentication failure for some of my users. Thanks for your help. -- Ce message a été vérifié par MailScanner pour des virus ou des polluriels et rien de suspect n'a été trouvé. MailScanner remercie transtec pour son soutien.