Graham Leggett wrote:
The closest I've got is to use a MacOSX Snow Leopard machine, and manually specify EAP-TLS, and manually choose the certificate, but at that point I get this:
Mon Aug 30 08:12:56 2010 : Error: TLS_accept:error in SSLv3 read client hello C Mon Aug 30 08:12:56 2010 : Error: rlm_eap: SSL error error:140D9115:SSL routines:SSL_GET_PREV_SESSION:session id context uninitialized
I don't recall seeing that error before.
Do you know what a "session id context" is, and why one might be uninitialised?
Nope.
For detailed instructions on EAP-TLS, see:
The only reference to EAP-TLS on the above page is under a section called "Older Documents". The first link is to a PDF file called EAPTLS.pdf, and these instructions tell you to go to "http://www.missl.cs.umd.edu/wireless/eaptls/" for instructions on how to configure EAP-TLS in freeradius, and this URL no longer exists.
Uh... the first "EAPTLS.pdf" *is* a link to the PDF file. It contains detailed instructions.
The second link is entitled "Another eap-tls HOWTO", which again links to http://www.missl.cs.umd.edu/wireless/eaptls/, is broken as above.
Is there any other mention of EAP-TLS in the documentation anywhere? Google wasn't able to find anything.
In 2.1.10, there is updated documentation and examples for running EAP-TLS using "eapol_test". Alan DeKok.