WPA Authentication

Devinder Singh devinbhullar at gmail.com
Tue Aug 4 09:25:51 CEST 2009 

Hi

I have followed the instructions in /etc/raddb/certs to generate root
server and client certificates .

i copied root.der and client.p12 to XP machine and managed to install
without any problems on XP

i had configured Proxim AP 700 with WPA authentication

When i click on SSID palstaff i get a pop up to select the client
devinder at palettemm.com

When i ran radisud -X i get some strange error in SSL

Need you assistance on this.


files] users: Matched entry devinder at palettemm.com at line 94
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] eaptls_verify returned 7
[tls] Done initial handshake
[tls] <<< TLS 1.0 Handshake [length 03b2], Certificate
--> verify error:num=20:unable to get local issuer certificate
[tls] >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
TLS Alert write:fatal:unknown CA
    TLS_accept:error in SSLv3 read client certificate B
rlm_eap: SSL error error:140890B2:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
SSL: SSL_read failed in a system call (-1), TLS session fails.
TLS receive handshake failed during operation
[tls] eaptls_process returned 4
[eap] Handler failed in EAP/tls
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> devinder at palettemm.com
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 6 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 6
Sending Access-Reject of id 126 to 203.121.4.59 port 6001
        EAP-Message = 0x04070004
        Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.8 seconds.
Cleaning up request 0 ID 120 with timestamp +781
Cleaning up request 1 ID 121 with timestamp +781
Cleaning up request 2 ID 122 with timestamp +781
Cleaning up request 3 ID 123 with timestamp +781
Cleaning up request 4 ID 124 with timestamp +781
Cleaning up request 5 ID 125 with timestamp +781
Waking up in 1.0 seconds.
Cleaning up request 6 ID 126 with timestamp +781
Ready to process requests.


Devinder

More information about the Freeradius-Users mailing list