Hi, the primary issue is the cipher list mismatch, as Alan noted. But you should also pay attention here:
Sat Jan 18 20:02:05 2014 : Debug: ssl : OpenSSL 1.0.0-fips 29 Mar 2010
SSL Version Details ============== OpenSSL 1.0.1e-fips 11 Feb 2013
Your OpenSSL library version is not what you think it is.
CONFIGURATION: ============== Sorry if we missed any additional documentation, for EAP TLS 1.2 authentication, we updated our eap configuration cipher: cipher_list = "AES256-SHA256"
Ciphers and TLS versions are only very mildly coupled. Butchering the cipher list is not a very healthy approach.
When the modem sends the protocol as TLS 1.0 - it authenticates successfully with the cipher_list "AES256-SHA256:AES128-SHA" or cipher_list set to "DEFAULT";
Good. Then set cipher_list to "DEFAULT". Or if you want only "good" ciphers try something along the lines of "ALL:!MEDIUM:!LOW" to exclude weak and medium-strength ciphers. There's plenty of good documentation on the use of ciphers for Apache Ask Google and inspire yourself.
But, when modem sends the protocol as TLS 2.0; the authentication fails in EAP module, with following error:
There is no TLS 2.0. Greetings, Stefan Winter