Eap-Tls Problem

Stefan Winter stefan.winter at restena.lu
Mon Aug 21 19:03:47 CEST 2006


> In SSL Handshake Phase
> In SSL Accept mode
>   eaptls_process returned 13
>   modcall[authenticate]: module "eap" returns handled for request 9
> modcall: leaving group authenticate (returns handled) for request 9
> Sending Access-Challenge of id 18 to port 1217
> ...
> Finished request 9
> Going to the next request
> Waking up in 6 seconds...
> --- Walking the entire request list ---
> Cleaning up request 8 ID 17 with timestamp 44e9b492
> Cleaning up request 9 ID 18 with timestamp 44e9b492
> Nothing to do.  Sleeping until we see a request.

Your server is sending a request to the client, but the client never replies  
to it. The client doesn't like what it gets. Have you included the Extended 
Usage OID for TLS Web Server Identification into your server cert? Also, when 
using EAP-TLS, your client's certificate must have the corresponding OID (TLS 
Client Identification).


Stefan Winter


Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de 
la Recherche - Ingénieur de recherche

6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

More information about the Freeradius-Devel mailing list