I am testing FreeRadius with OpenSSL 1.0.2 and noticed a strange issue. TTLS-MSCHAPv2 fails. PEAP and TTLS-(PAP, CHAP, MSCHAPv1) all work. The error that stands out is 'Invalid ACK received: 0'. I get this on both 2.2.6 and 3.0.7. 2.2.6 Mon Mar 23 08:40:09 2015 : Info: [ttls] Authenticate Mon Mar 23 08:40:09 2015 : Info: [ttls] processing EAP-TLS Mon Mar 23 08:40:09 2015 : Info: [ttls] Received TLS ACK Mon Mar 23 08:40:09 2015 : Info: [ttls] ACK default Mon Mar 23 08:40:09 2015 : Error: [ttls] Invalid ACK received: 0 Mon Mar 23 08:40:09 2015 : Info: [ttls] eaptls_verify returned 4 Mon Mar 23 08:40:09 2015 : Info: [ttls] eaptls_process returned 4 3.0.7 Mon Mar 23 09:14:26 2015 : Debug: (21) eap_ttls: Authenticate Mon Mar 23 09:14:26 2015 : Debug: (21) eap_ttls: processing EAP-TLS Mon Mar 23 09:14:26 2015 : Debug: (21) eap_ttls: Received TLS ACK Mon Mar 23 09:14:26 2015 : Debug: (21) eap_ttls: Received TLS ACK Mon Mar 23 09:14:26 2015 : ERROR: (21) eap_ttls: Invalid ACK received: 0 Mon Mar 23 09:14:26 2015 : Debug: (21) eap_ttls: eaptls_verify returned 0 Mon Mar 23 09:14:26 2015 : Debug: (21) eap_ttls: eaptls_process returned 0 Mon Mar 23 09:14:26 2015 : ERROR: (21) eap: Failed continuing EAP TTLS (21) session. EAP sub-module failed Downgrading openssl to 1.0.1 and the issue goes away. 2.2.6 Mon Mar 23 08:50:40 2015 : Info: [ttls] Authenticate Mon Mar 23 08:50:40 2015 : Info: [ttls] processing EAP-TLS Mon Mar 23 08:50:40 2015 : Info: [ttls] Received TLS ACK Mon Mar 23 08:50:40 2015 : Info: [ttls] ACK handshake is finished Mon Mar 23 08:50:40 2015 : Info: [ttls] eaptls_verify returned 3 Mon Mar 23 08:50:40 2015 : Info: [ttls] eaptls_process returned 3 3.0.7 Mon Mar 23 09:17:54 2015 : Debug: (29) eap_ttls: Authenticate Mon Mar 23 09:17:54 2015 : Debug: (29) eap_ttls: processing EAP-TLS Mon Mar 23 09:17:54 2015 : Debug: (29) eap_ttls: Received TLS ACK Mon Mar 23 09:17:54 2015 : Debug: (29) eap_ttls: Received TLS ACK Mon Mar 23 09:17:54 2015 : Debug: (29) eap_ttls: ACK handshake is finished Mon Mar 23 09:17:54 2015 : Debug: (29) eap_ttls: eaptls_verify returned 3 Mon Mar 23 09:17:54 2015 : Debug: (29) eap_ttls: eaptls_process returned 3 This was tested with the default configuration and adding a user to the users file. The OS was FreeBSD 10.1. I assuming this a problem with the FreeBSD's OpenSSL 1.0.2 port but wanted to ask if anybody else has seen issues with the latest OpenSSL version? -- Dave