Thanks Alan. You mean configuration on the Cisco router. I checked the shared secret and that is fine. Do i need to load the certificate as well? If yes, I am not sure how to do that. I understand this is a freeradius forum and thus don't expect help with respect to cisco router however if you do know that would appreciated. If not, is there a way I can allow all users through i.e. can I set Auth-Type in /etc/raddb/sites-available/default to "Accept"? Thanks, Pratik On Tue, May 19, 2015 at 4:02 PM, <A.L.M.Buxey@lboro.ac.uk> wrote:
Hi,
(5) eap_peap: <<< TLS 1.0 Alert [length 0002], fatal unknown_ca *(5) eap_peap: ERROR: TLS Alert read:fatal:unknown CA* *(5) eap_peap: ERROR: TLS_accept: Failed in SSLv3 read client certificate A* *(5) eap_peap: ERROR: SSL says: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca* *SSL: SSL_read failed inside of TLS (-1), TLS session fails.* TLS receive handshake failed during operation
client is using wrong/incorrect CA - check client configuration.
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html