On May 26, 2016, at 8:32 PM, craig@mypenguin.net.au wrote:
Ok I've upgraded to freeradius-server-3.0.11 Below is the output I get from the Cisco phone attempt, this is iteration "320" and it just continues to make attempts (i assume because it's UDP)?
It's continuing to make attempts because it's repeatedly trying to login. Looking at one packet is nice, but not helpful. You need to post the START of an authentication attempt, all the way to the END of that authentication attempt. If you're not sure, 20-30 packets in a row should be enough. And then READ the debug output, looking for error messages, warnings, etc. If there's no such messages, then your choices are more limited. The Cisco phone doesn't like *something* about FreeRADIUS. It's hard to find out what it doesn't like, as the phone won't produce useful logs. Maybe disable_tlsv1_2 i the EAP module? So... since FreeRADIUS works with everything, I'd blame the phone. It's broken. Alan DeKok.