The EAP-TLS packet will contain more data than we can process
Jan Schermer / ET NETERA
jan.schermer at etnetera.cz
Tue May 29 10:25:26 CEST 2007
Hi,
I'm setting up a Mikrotik wireless AP with a freeradius server behind it
and EAP-TLS, client connects "fine" (those errors are meaningless,
right? can I get rid of them?):
Tue May 29 11:47:56 2007 : Error: TLS_accept:error in SSLv3 read
client certificate A
Tue May 29 11:47:56 2007 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Tue May 29 11:47:59 2007 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Tue May 29 11:48:00 2007 : Auth: Login OK: [Jan Schermer/<no
User-Password attribute>] (from client internal-rec port 0)
but after a while, the connection is renegotiated (maybe because of weak
signal), but then it starts failing:
Tue May 29 12:01:12 2007 : Error: TLS_accept:error in SSLv3 read
client certificate A
Tue May 29 12:01:12 2007 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Tue May 29 12:01:16 2007 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Tue May 29 12:01:16 2007 : Auth: Login OK: [Jan Schermer/<no
User-Password attribute>] (from client internal-rec port 0)
Tue May 29 12:01:41 2007 : Error: TLS_accept:error in SSLv3 read
client certificate A
Tue May 29 12:01:41 2007 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Tue May 29 12:02:42 2007 : Error: TLS_accept:error in SSLv3 read
client certificate A
Tue May 29 12:02:42 2007 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Tue May 29 12:02:44 2007 : Error: rlm_eap_tls: The EAP-TLS packet will
contain more data than we can process.
Tue May 29 12:02:44 2007 : Auth: Login incorrect: [Jan Schermer/<no
User-Password attribute>] (from client internal-rec port 0)
Tue May 29 12:02:53 2007 : Error: TLS_accept:error in SSLv3 read
client certificate A
Tue May 29 12:02:53 2007 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Tue May 29 12:02:55 2007 : Error: rlm_eap_tls: The EAP-TLS packet will
contain more data than we can process.
Tue May 29 12:02:55 2007 : Auth: Login incorrect: [Jan Schermer/<no
User-Password attribute>] (from client internal-rec port 0)
Tue May 29 12:03:08 2007 : Error: TLS_accept:error in SSLv3 read
client certificate A
Tue May 29 12:03:08 2007 : Error: rlm_eap: SSL error
error:00000000:lib(0):func(0):reason(0)
Tue May 29 12:03:09 2007 : Error: rlm_eap_tls: The EAP-TLS packet will
contain more data than we can process.
Tue May 29 12:03:09 2007 : Auth: Login incorrect: [Jan Schermer/<no
User-Password attribute>] (from client internal-rec port 0)
What might be the cause of this? I suspect that Mikrotik corrupts the
packets somehow...
I'm using freeradius 1.1.3-3 (debian etch version with EAP-TLS enabled)
Thanks
--
Jan Schermer
Linux Administrator
ET NETERA | smart e-business solutions
jan.schermer at etnetera.cz
+420 608022225
~
[ www.ahold.cz | www.annonce.cz | www.datart.cz ]
[ www.knizniweb.cz | www.siemens.cz | www.cz.o2.com ]
Created by ET NETERA | Powered by jNetPublish
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jan.schermer.vcf
Type: text/x-vcard
Size: 354 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070529/72aaebfe/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7538 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070529/72aaebfe/attachment.bin>
More information about the Freeradius-Users
mailing list