EAP-session did no finish! (Linux)

Phil Mayers p.mayers at imperial.ac.uk
Tue Jan 17 12:24:01 CET 2012

On 17/01/12 11:11, Alberto Martínez wrote:
> Hello Alan.
> "Almost" means the difference between passwords, directories and such. I
> suspected of the certificate and worked on it, but the error is still there.

It's probably the cert.

If it's NOT the cert, then you need to investigate the AP/switch or the 
client; FreeRADIUS is not receiving the next packet, so either the 
client or the AP/switch has dropped / ignored it.

One thing to check is MTU; you've trimmed the debug so it's hard to 
know, but usually the next EAP packet would be large(-ish).

Also check the client - look in the logs, or use tcpdump to check the 
client actually receives the EAP packet, and sends a reply. Likewise the 

Also check any firewalls inbetween.

> ....
> [eap] EAP packet type response id 1 length 23
> [eap] No EAP Start, assuming it's an on-going EAP conversation << It
> should be a start, since it's the first message to arrive

No. That's not really true. Ignore that debug message.

More information about the Freeradius-Users mailing list