Hello, There seems to be an issue with the EAP module but I cannot spot it: (0) authenticate { (0) eap: Peer sent packet with method EAP Identity (1) (0) eap: Calling submodule eap_peap to process data (0) eap_peap: Initiating new EAP-TLS session (0) eap_peap: Flushing SSL sessions (of #0) (0) eap_peap: [eaptls start] = request (0) eap: Sending EAP Request (code 1) ID 106 length 6 (0) eap: EAP session adding &reply:State = 0xf7942626f7fe3f0a (0) [eap] = handled (0) } # authenticate = handled (0) Using Post-Auth-Type Challenge (0) Post-Auth-Type sub-section not found. Ignoring. (0) # Executing group from file /etc/raddb/sites-enabled/******** (0) Sent Access-Challenge Id 245 from ************:1812 to ************:62704 length 0 (0) EAP-Message = 0x016a00061920 (0) Message-Authenticator = 0x00000000000000000000000000000000 (0) State = 0xf7942626f7fe3f0a42c923255cc967ab (0) Finished request Waking up in 4.9 seconds. (1) authenticate { (1) eap: Expiring EAP session with state 0xf7942626f7fe3f0a (1) eap: Finished EAP session with state 0xf7942626f7fe3f0a (1) eap: Previous EAP request found for state 0xf7942626f7fe3f0a, released from the list (1) eap: Peer sent packet with method EAP PEAP (25) (1) eap: Calling submodule eap_peap to process data (1) eap_peap: Continuing EAP-TLS (1) eap_peap: Peer indicated complete TLS record size will be 131 bytes (1) eap_peap: Got complete TLS record (131 bytes) (1) eap_peap: [eaptls verify] = length included (1) eap_peap: (other): before SSL initialization (1) eap_peap: TLS_accept: before SSL initialization (1) eap_peap: TLS_accept: before SSL initialization (1) eap_peap: <<< recv UNKNOWN TLS VERSION ?0304? [length 007e] (1) eap_peap: TLS_accept: SSLv3/TLS read client hello (1) eap_peap: >>> send TLS 1.2 [length 005d] (1) eap_peap: TLS_accept: SSLv3/TLS write server hello (1) eap_peap: >>> send TLS 1.2 [length 0e78] (1) eap_peap: TLS_accept: SSLv3/TLS write certificate (1) eap_peap: >>> send TLS 1.2 [length 014d] (1) eap_peap: TLS_accept: SSLv3/TLS write key exchange (1) eap_peap: >>> send TLS 1.2 [length 0004] (1) eap_peap: TLS_accept: SSLv3/TLS write server done (1) eap_peap: TLS_accept: Need to read more data: SSLv3/TLS write server done (1) eap_peap: In SSL Handshake Phase (1) eap_peap: In SSL Accept mode (1) eap_peap: [eaptls process] = handled (1) eap: Sending EAP Request (code 1) ID 107 length 1004 (1) eap: EAP session adding &reply:State = 0xf7942626f6ff3f0a (1) [eap] = handled (1) } # authenticate = handled (1) Using Post-Auth-Type Challenge (1) Post-Auth-Type sub-section not found. Ignoring. (1) # Executing group from file /etc/raddb/sites-enabled/********** (1) Sent Access-Challenge Id 246 from **********:1812 to **********:62704 length 0 (1) EAP-Message = **************************************************************************** (1) Message-Authenticator = 0x00000000000000000000000000000000 (1) State = 0xf7942626f6ff3f0a42c923255cc967ab (1) Finished request Waking up in 4.9 seconds. This happens until the EAP session expires. Could anyone please offer some insight? Thanks.
On Sep 24, 2020, at 5:27 AM, lingctam <lingctam@hku.hk> wrote:
There seems to be an issue with the EAP module but I cannot spot it:
It's not an issue with the EAP module.
... (1) Sent Access-Challenge Id 246 from **********:1812 to **********:62704 length 0 (1) EAP-Message = **************************************************************************** (1) Message-Authenticator = 0x00000000000000000000000000000000 (1) State = 0xf7942626f6ff3f0a42c923255cc967ab (1) Finished request Waking up in 4.9 seconds.
This happens until the EAP session expires. Could anyone please offer some insight?
https://wiki.freeradius.org/guide/Certificate%20Compatibility If the server gets more EAP packets, it print out a huge warning message, with a link to that page. Alan DeKok.
participants (2)
-
Alan DeKok -
lingctam