19 Nov
2015
19 Nov
'15
3:21 p.m.
Hi,
As I told on a previous email, we are migrating previous radius (2.1.9) authentication to a new instance of freeradius (3.0.10).
new server? new version of openssl on the new server? if the access accept packet is the same as that from 2.1.9 then the issue is somewhere else. I'd examine that last access accept packet. but my first instinct is that this is a MPPE key issue - access accept okay but the IOS device not likeing the derived keys - validate this by putting disable_tlsv1_2 = yes into the tls {} section of your eap module i think this issue is fixed in 3.0.x HEAD (?) alan