rlm_eap_tls: No SSL info available. Waiting for more SSL data
Norbert Wegener
norbert.wegener at siemens.com
Mon Feb 12 13:51:54 CET 2007
Alan DeKok wrote:
> Norbert Wegener wrote:
>
>> I have setup freeradius-1.1.4 for 802.1x authentication and tested it
>> successfully using eapol_test.
>> When I try to authenticate a voip phone, that uses the same certificate
>> as I used before with eapol_test, authentication fails.
>>
>
> Different implementations, different issues...
>
>
>> 'Waiting for more SSL data' seems to be the interesting point.
>> freeradius is obviously waiting for some data from the client.
>>
>
> And the client is probably waiting for more data from FreeRADIUS.
>
>
>> Is there anything I can configure on the server side or is this a
>> problem with the switch/ the voip phone?
>>
>
> I would label it a bug with the client. But I'm biases.
>
Is there anything I can do on the freeradius side to prove,
that the voip phone's 802.1x implementation is broken?
Up to now I could not convince the vendor's salesperson, that there is a
problem with his phone.
Norbert Wegener
> My worry is that "fixing" it on the server could mean breaking 802.1x
> for other clients. That's a non-starter.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list