EAP/TTLS problem with Win XP and Linux

elhammoud rachida racha81 at hotmail.fr
Thu Oct 4 12:28:03 CEST 2007



> > hello,
> > i'am trying to use radius authenticate and authorise users by EAP/TTLS
> > from XP and Linux ( Debian), i'am using only a « users » like database.
> > i'am reading the documentation : http://wiki.freeradius.org
> > i've imported root.pem both Windows XP and Linux
>...
> > the server no sends response, why??
>
>   You are not reading the debug log correctly.  The server IS sending a
>challenge.  The NAS (or supplicant) then does not continue with the next
>EAP packet.
yes it's exactly,
>
>   Odds are you don't have the root certificates configured correctly.
I'am using openssl-0.9.7 to generate the certificats, and i'am importing 
root.pem to Linux
>
> > and this log by Windows XP
>...
>
>   The same thing.
>
>   It's a certificate problem.  The supplicants have decided that they
>don't like the servers certificate.  They then stop doing EAP.
>
can'i use the certificats existing in the freeradius-1.1.7 ? it's 
sufficient.
>   Look at the logs on the supplicant to see why they're stopping EAP.
>
by linux, I put this
wireshark -i eth0
but any response
by  windows, I'va this
start
Request, Identity
Response,MS-EAP-Authentication
Response, NAK (response only)
Request, EAP-TTLS
Client Hello
Request, EAP-TTLS
Response, EAP-TTLS
Server Hello, Certificate, Server Hello Done
Continuation Data
Start
Failure

>   Alan DeKok.
>-
thanks
>List info/subscribe/unsubscribe? See 
>http://www.freeradius.org/list/users.html

_________________________________________________________________
Découvrez le Blog heroic Fantaisy d'Eragon! 
http://eragon-heroic-fantasy.spaces.live.com/




More information about the Freeradius-Users mailing list