Certificate Compatibility

Jim Rice jmrice6640 at yahoo.com
Tue Mar 29 21:51:01 CEST 2011


Looks like it got a bit further this time.
If I am looking at this right, it got throught the TTLS part.
But now what?  The SM is just "Registering".

I am hoping that this is something simple and obvious to you guys...
(Just the tail end for now):

...
rad_recv: Access-Request packet from host 10.111.4.254 port 1273, id=0, length=439
Cleaning up request 4 ID 0 with timestamp +41
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0xf2937007f695654f did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
        User-Name = "0a-00-3e-f0-11-34"
        State = 0xf2937007f695654f37c0362b1499c219
        NAS-IP-Address = 10.111.4.254
        NAS-Port = 5
        NAS-Port-Type = Wireless-802.11
        Framed-MTU = 1020
        EAP-Message = 0x020601501580000001461603010106100001020100b208c439d0d90984cce915a82a4455cfcd9088e55760daeb8ff2e4b2bd5115bf3fe2b8e1270daf4dca4cf81a7392
bbf684e2de7147ef4b7bc5dd54a9dd5d682f77959c1b0d7b5af3e64835e4e0e8bc2c76da431b0ff2d36fb94cb4a964da32027c46c54ea060de1a75e0a9e9ad8fac1e810af9a6b82c9e37353afc4aab
0126e19f18d7e6d3998534e364fbeab676acb4eb98b71b3afdf5f850fda7b7d1952e67de3abff875519824c3bd7f91ea33a6e9db3b5132c4947a9128c156f20b809211586ba7961c20edcb9e1bbc81
818b25c499288cd11014ea181eb05c2e0fd566a41121df762993fd0a
        EAP-Message = 0x10d47398e6dfe27ced7bf9082d0cbb8261315423405c9b2d14030100010116030100303b8f5f207e14a34c814835a671de3025cf69c55a20976e348d692f622b1f8182
e619567c8b8866c571c1ac6df11adb0d
        Message-Authenticator = 0x0940909b598c4170a6f820374c4adf48
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "0a-00-3e-f0-11-34", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 253
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/ttls
[eap] processing type ttls
[ttls] Authenticate
[ttls] processing EAP-TLS
  TLS Length 326
[ttls] Length Included
[ttls] eaptls_verify returned 11
[ttls] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange
[ttls]     TLS_accept: SSLv3 read client key exchange A
[ttls] <<< TLS 1.0 ChangeCipherSpec [length 0001]
[ttls] <<< TLS 1.0 Handshake [length 0010], Finished
[ttls]     TLS_accept: SSLv3 read finished A
[ttls] >>> TLS 1.0 ChangeCipherSpec [length 0001]
[ttls]     TLS_accept: SSLv3 write change cipher spec A
[ttls] >>> TLS 1.0 Handshake [length 0010], Finished
[ttls]     TLS_accept: SSLv3 write finished A
[ttls]     TLS_accept: SSLv3 flush data
[ttls]     (other): SSL negotiation finished successfully
SSL Connection Established
[ttls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.111.4.254 port 1273
        EAP-Message = 0x0107004515800000003b1403010001011603010030e9d5415f2dab4d08d3188d183d0c4dc68f65eae604b877e87fc28021e38c48e39ad145595d4cbbbcc00bcd4a5eb6
17f2
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xf2937007f794654f37c0362b1499c219
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 5 ID 0 with timestamp +42
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0xf2937007f794654f did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Ready to process requests.




More information about the Freeradius-Users mailing list