On 9 Oct 2015, at 16:55, Axel Luttgens <axel.luttgens@skynet.be> wrote:
Le 8 oct. 2015 à 10:52, A.L.M.Buxey@lboro.ac.uk a écrit :
[…] no…..theres no change - its not TLS 1.2 yet - they pulled back […] correct…because thats the change - they now send EAP-MSCHAPv2 in the inner.
Hello Alan,
Do you have some more detailed infos about Apple’s changes?
I’m asking, because I’m struggling with ios/mac os x clients too (as Mark does), yet with other symptoms.
I’m currently running FR 3.0.4, with OpenSSL 0.9.8y. ios9 clients, as well as Mac OS X 10.11 clients happily authenticate and connect to our APs, then authenticate and connect again, and so on… Apparently, there’s something the clients don’t like, and they blindingly try again and again. The problem is, the clients’ logs, even with increased verbosity, don’t provide any hint. Or I didn’t manage to have the clients to provide such hints. :-(
I’m now trying to set up FR 3.0.10 with OpenSSL 1.0.2d. This is the kind of thing I intended to do anyway, but I would be sooo pleased to understand beforehand what those Apple devices expect.
Pull v3.0.x HEAD. Just fixed some compatibility issues with OpenSSL 1.0.2 *sigh*. -Arran Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS development team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2