Problem with EAP/TLS authentication

Guillaume guillaume.chardin at gmail.com
Mon Mar 6 17:43:31 CET 2006


Hi,
I am having trouble with the configuration of my radius server, EAP/TLS and
wifi clients. I don't know where the error is, whether it's in my conf or
in my certificates...
I run freeradius version 1.0.4.

When a wifi client running WinXP SP2 tries to connect to the radius, I get
the following error after (I think) a successful authentication:
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11
  eaptls_process returned 7

#error is here
>>  rlm_eap_tls: Received unexpected tunneled data after successful handshake.
 rlm_eap: Handler failed in EAP/tls
  rlm_eap: Failed in EAP select
  modcall[authenticate]: module "eap" returns invalid for request 9
modcall: group authenticate returns invalid for request 9
auth: Failed to validate the user.

Do you have any idea why it doesn't work? If I use the radtest command
with a fake user, it works...
Thanks for your help :)


---------------
here is my eap.conf:

eap {
  default_eap_type = tls
  timer_expire     = 60
  ignore_unknown_eap_types = yes
  tls {
    private_key_password = eripasse
    private_key_file = /etc/pki/ERITEST/private/ERITEST.srv.mail_key.pem
    certificate_file = /etc/pki/ERITEST/private/ERITEST.srv.mail_cert.pem
    CA_file = /etc/pki/ERITEST/eritestCA.pem
    random_file = /etc/pki/tls/random.rand
    fragment_size = 1024
  }
}
--------------------------
and my users file

"user" Auth-Type := EAP
"test" Auth-Type := Local, User-Password =="test"



