help for using eap and TTLS

Maurice.Bourguel bourguel at cirm.univ-mrs.fr
Wed Jun 1 15:09:14 CEST 2005 

Hello all,
	I'm using freeradius-1.0.2 with AceesPoint Cisco ap1100; I'm
using eap/ttls to authenticate users. 
	I try to connect to with Xp clients or Mac osX clients; All go wrong.
	When using Mac OSX client and 802.1X setup ( authentification TTLS alone 
with PAP Authentication interne TTLS) Mac OSX client obtain the two
certificates: authoritative and server. But it is not connecting. It loops
on authentication process.

Here is the trace from /usr/local/sbin/radiusd -X -A:

 Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
  rlm_eap: EAP Identity
  rlm_eap: processing type tls
 rlm_eap_tls: Requiring client certificate
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
  modcall[authenticate]: module "eap" returns handled for request 2
modcall: group authenticate returns handled for request 2
Sending Access-Challenge of id 127 to 139.124.3.235:21661
        Framed-MTU = 576
        Service-Type = Framed-User
        EAP-Message = 0x010300060d20
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x37a760f21d2a0b8d0fdd492ccd5e7d17
Finished request 2
Going to the next request
--- Walking the entire request list ---

What means
	rlm_eap_tls: Requiring client certificate
 	rlm_eap_tls: Start returned 1
  	modcall[authenticate]: module "eap" returns handled for request 2
  	
How should I fix this?
Any help will be appreciated.
	
I have configured freeradius and openssl using these articles:
	http://www.alphacore.net/spip/article.php3?id_article=45
	http://www.alphacore.net/spip/article.php3?id_article=33
	http://rbirri.9online.fr/howto/Freeradius_+_TTLS.html


Regards,
Maurice
***********************************************************
* e-mail : bourguel at cirm.univ-mrs.fr                      *
----------------------------------------------------------
* Maurice Bourguel               +                        *
* CIRM - MENRT-CNRS-SMF          +                        *
* case 916, 163 Avenue de Luminy + tel (33) 04 91 83 30 23*
* 13288 Marseille Cedex 9        + fax (33) 04 91 83 30 05*
***********************************************************
*http://www.cirm.univ-mrs.fr                              *
***********************************************************

More information about the Freeradius-Users mailing list