Hello Team, I need to open a case cause I meet an issue with TLS version mismatch between client and server. My scope : - FreeRADIUS Version 3.0.20 - OpenSSL 1.1.1f - Windows client TLS version allowed : TLS1.0/1.1/1.2 Accros few link(show below) I understood that TLS 1.3 was not correctly supported on freeradius. I have the same issue like this post #3665 <https://github.com/FreeRADIUS/freeradius-server/issues/3665> However my window client is correctly configured and it do no use tls version 1.3. Furthermore i make a packet capture and i can see that TLS 1.0 is used during TLS client hello. As show bellow, eap module configuration. I do not use "disable_tls" but tls_min/max feature as recommended. "# disable_tlsv1_2 = no" "# disable_tlsv1_1 = no" "# disable_tlsv1 = no" tls_min_version = "1.0" tls_max_version = "1.2" Freeradius debug : I do not understand how freeradius server can interptrer the tls request with 1.3 version. Client side tls 1.3 is not allowed and also on freeradius side. How can I interpret this issue ? Thanks in advance for your help. Freeradius live debug (1) eap: Expiring EAP session with state 0xcf201259cf221f90 (1) eap: Finished EAP session with state 0xcf201259cf221f90 (1) eap: Previous EAP request found for state 0xcf201259cf221f90, released from the list (1) eap: Peer sent packet with method EAP TLS (13) (1) eap: Calling submodule eap_tls to process data (1) eap_tls: Continuing EAP-TLS (1) eap_tls: Peer indicated complete TLS record size will be 112 bytes (1) eap_tls: Got complete TLS record (112 bytes) (1) eap_tls: [eaptls verify] = length included (1) eap_tls: (other): before SSL initialization (1) eap_tls: TLS_accept: before SSL initialization (1) eap_tls: TLS_accept: before SSL initialization (1) eap_tls: <<< recv TLS 1.3 [length 006b] (1) eap_tls: >>> send TLS 1.0 Alert [length 0002], fatal protocol_version (1) eap_tls: ERROR: TLS Alert write:fatal:protocol version tls: TLS_accept: Error in error (1) eap_tls: ERROR: Failed in FUNCTION (SSL_read): error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol (1) eap_tls: ERROR: System call (I/O) error (-1) (1) eap_tls: ERROR: TLS receive handshake failed during operation (1) eap_tls: ERROR: [eaptls process] = fail (1) eap: ERROR: Failed continuing EAP TLS (13) session. EAP sub-module failed (1) eap: Sending EAP Failure (code 4) ID 2 length 4 (1) eap: Failed in EAP select (1) [eap] = invalid (1) } # authenticate = invalid