Problem connecting Client to dot1x-Network over Cisco AP

Habegger Lukas, ERZ-AZD-AIL lukas.habegger at erz.be.ch
Thu Nov 2 08:54:25 CET 2006 

Hi

On all clients is the same certificate installed.

I tried it with two installations. First i tried with a certificate
from the CA.all script and after with a certificate from a MS CA Server.

Now i use the certificate from the CA.all script. 

On my notebook i tested it wired and wireless with this certificate.

Wired it works and wireless not.

Could it be something with the certificate options

Here the certificate from the CA.all script
-------------------------------------------------------
-----BEGIN CERTIFICATE-----
MIIC+DCCAmGgAwIBAgIJAMpuxH83nFddMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV
BAYTAkNIMQ0wCwYDVQQIEwRCZXJuMQ0wCwYDVQQHEwRCZXJuMQwwCgYDVQQKEwNF
UloxDDAKBgNVBAsTA05PQzETMBEGA1UEAxMKRnJlZXJhZGl1czAeFw0wNjA2MDky
MTA3MTdaFw0wODA2MDgyMTA3MTdaMFwxCzAJBgNVBAYTAkNIMQ0wCwYDVQQIEwRC
ZXJuMQ0wCwYDVQQHEwRCZXJuMQwwCgYDVQQKEwNFUloxDDAKBgNVBAsTA05PQzET
MBEGA1UEAxMKRnJlZXJhZGl1czCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
v20r19aCPNjLcOT08mzXtSQiw86yXCiWPJHZaG2wF+rV7D66f3wzN2UzviNjjDrL
0kh2KDaLp4J7hhom4LjDzb9CLhSgdRnYMSpY5IUmGzIctsEPAsuWGMAlzTSlKEaY
/z9cviuqS0P9Zu+lMMN1BdiZy8n1XKf6qE2UxYRksKsCAwEAAaOBwTCBvjAdBgNV
HQ4EFgQUNC9D8X9AV03R5xmh8lCYu6q4DuYwgY4GA1UdIwSBhjCBg4AUNC9D8X9A
V03R5xmh8lCYu6q4DuahYKReMFwxCzAJBgNVBAYTAkNIMQ0wCwYDVQQIEwRCZXJu
MQ0wCwYDVQQHEwRCZXJuMQwwCgYDVQQKEwNFUloxDDAKBgNVBAsTA05PQzETMBEG
A1UEAxMKRnJlZXJhZGl1c4IJAMpuxH83nFddMAwGA1UdEwQFMAMBAf8wDQYJKoZI
hvcNAQEFBQADgYEAE1HDhrsuhju+NDVBjEX23OMvsTp4Hjf6gbiRblDwI70N7sbT
+IKU/CGV/kzbKu56J63fX3XGokp1lTRwu/fcLLMhJd5B8q0Z6HiATohSHczZXcOu
xFYubxo7eAcQTG/RzCLjrF53U1/CmzFhqEZoEvnBYk90EqZrdSWx8zs1Gow=
-----END CERTIFICATE-----
-------------------------------------------------------

Lukas

-----Ursprüngliche Nachricht-----
Von: freeradius-users-bounces+lukas.habegger=erz.be.ch at lists.freeradius.org [mailto:freeradius-users-bounces+lukas.habegger=erz.be.ch at lists.freeradius.org] Im Auftrag von Alan DeKok
Gesendet: Mittwoch, 1. November 2006 17:38
An: FreeRadius users mailing list
Betreff: Re: Problem connecting Client to dot1x-Network over Cisco AP 

"Habegger Lukas, ERZ-AZD-AIL" <lukas.habegger at erz.be.ch> wrote:
> I try to connect a wireless client (WinXP) to my dot1x-Network over a 
> Cisco AP 1242AG.
> 
> On my FreeRADIUS i get the following error:
...
> Wed Nov  1 14:59:08 2006 : Debug:   rlm_eap_tls: <<< TLS 1.0 Alert
> [length 0002], fatal bad_certificate

  Ok... it doesn't like the certificate.

> With my wired clients i don't any problems and the same setup runs 
> with a Cisco ACS

  With the same certificate?

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list