disconnections

John Fawcett johnml at michaweb.net
Mon Jun 20 00:59:17 CEST 2005


I'm using freeradius 1.0.0 on suse 9.2 to authenticate wireless users
from a US Robotics USR5450 Access Point via eap-ttls (with eap-md5)

Although the connection is established it is disconnected after 4
minutes (sometimes 2 minutes or 6 minutes). I get entries like the
following repeated every four minutes in the radius.log

Mon Jun 20 00:37:59 2005 : Info: rlm_eap_tls:  Length Included
Mon Jun 20 00:37:59 2005 : Error:     TLS_accept:error in SSLv3 read
client certificate A
Mon Jun 20 00:38:00 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Mon Jun 20 00:38:02 2005 : Info: rlm_eap_tls:  Length Included
Mon Jun 20 00:38:02 2005 : Info:     (other): SSL negotiation finished
successfully
Mon Jun 20 00:38:02 2005 : Info: rlm_eap_tls:  Length Included
Mon Jun 20 00:38:02 2005 : Info: rlm_eap_md5: Issuing Challenge
Mon Jun 20 00:38:03 2005 : Info: rlm_eap_tls:  Length Included
Mon Jun 20 00:38:03 2005 : Auth: Login OK: [steve/<no User-Password
attribute>] (from client localhost port 0 cli 00-0e-35-c7-e3-fe)
Mon Jun 20 00:38:03 2005 : Auth: Login OK: [steve/<no User-Password
attribute>] (from client usrobotics port 0 cli 00-0e-35-c7-e3-fe)

Just a couple of more points:
I don't think the TLS_accept: error is serious.
I cannot explain why there are two Auth Logins one from the NAS and one
from localhost.

Any help appreciated. I somehow get the impression that I'm probably not
passing back the right attributes to the NAS: for testing I'm using the
users file:
steve   User-Password == "testing"
    Framed-IP-Address = 192.168.1.67,
    Framed-IP-Netmask = 255.255.255.0,
    Service-Type = Framed-User

Thanks
John



More information about the Freeradius-Users mailing list