Dear All,
I am using EAP-TTLS authentication mechanism for between WiMAX client and AAA on Linux environment
During EAP negotiation phase following steps are successfully completed.
1. Identity exchange
2. Server/Client EAP-TTLS start
3. Client Hello
4. Server Hello-Server Certificate-Server Key Exchange-Server Hello Done
EAP_Failure is coming consistently during “Client Key Exchange phase”.
This issue is coming consistently for multiple clients during Network Entry.
Following is the error from AAA.
2012/06/04 15:52:41:686525 : <FREERADIUS LOG> rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal unknown_ca
2012/06/04 15:52:41:686541 : <FREERADIUS LOG> TLS Alert read:fatal:unknown CA
2012/06/04 15:52:41:686559 : <FREERADIUS LOG> TLS_accept:failed in SSLv3 read client certificate A
2012/06/04 15:52:41:686579 : <FREERADIUS LOG> rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
2012/06/04 15:52:41:686593 : <FREERADIUS LOG> rlm_eap_tls: SSL_read failed inside of TLS (-1), TLS session fails.
2012/06/04 15:52:41:686605 : <FREERADIUS LOG> eaptls_process returned 13
2012/06/04 15:52:41:686618 : <FREERADIUS LOG> rlm_eap: Freeing handler
2012/06/04 15:52:41:686650 : <FREERADIUS LOG> ++[eap] returns reject
2012/06/04 15:52:41:686663 : <FREERADIUS LOG> auth: Failed to validate the user.
2012/06/04 15:52:41:686688 : [TX] Access-Reject
To resolve this issue, your timely help will be appreciated.
Thanks !
Rathod.