Problems in EAP-TLS in new Windows XP clients

Alexandros Gougousoudis gougousoudis at kh-berlin.de
Mon Sep 18 14:39:50 CEST 2006 

Hi Jose,

>  On the last month I'm having problems making new Windows XP clients connect to the network,
> even when old instalations of Windows XP SP2 are working good so far. The OEM Windows XP on the

thats interessting, because I posted the error on the list a couple of 
minutes ago. After viewing your logs, it seems that you got a client 
certificate error, as I got.

This is a part of your linked log:

   modcall[authorize]: module "files" returns ok for request 3
modcall: leaving group authorize (returns updated) for request 3
   rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
   Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
   rlm_eap: Request found, released from the list
   rlm_eap: EAP/tls
   rlm_eap: processing type tls
   rlm_eap_tls: Authenticate
   rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
   eaptls_verify returned 11
     (other): before/accept initialization
     TLS_accept: before/accept initialization
   rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello
     TLS_accept: SSLv3 read client hello A
   rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
     TLS_accept: SSLv3 write server hello A
   rlm_eap_tls: >>> TLS 1.0 Handshake [length 0800], Certificate
     TLS_accept: SSLv3 write certificate A
   rlm_eap_tls: >>> TLS 1.0 Handshake [length 00fb], CertificateRequest
     TLS_accept: SSLv3 write certificate request A
     TLS_accept: SSLv3 flush data
     TLS_accept:error in SSLv3 read client certificate A
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)

I have this problem on a new XP Home (SP1 and SP2).


I still don't know what the real problem is, but I'll try to find it out 
and post to the list. Please do so also, if you find the solution.
cu
  Alex



-- 
ServiceCenter IT - Alexandros Gougousoudis (Leiter)

Gemeinsame Einrichtung der Kunsthochschule Berlin-Weissensee, Hochschule 
für Musik "Hanns Eisler" und der Hochschule für Schauspielkunst "Ernst 
Busch".

Tel.: 030 / 477 05 - 444 * Fax.: 030 / 477 05 - 445

More information about the Freeradius-Users mailing list