Switch sends EAP-Fail after Radius Access-Accept

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Thu Aug 6 19:06:33 CEST 2015


Hi,

> Thanks for the replies. I'm went back to using the default radiusd.conf,
> modified the client file to match my client IP subnet. However it seems that
> there is still a certificate mismatch. I built the cert in
> /etc/radddb/certs. Any ideas? I read that the certficate generated using the
> Makefile works with most OS'es. Client is running Windows 7.

if using that temporary dummy cert, did you copy the CA file to the client?
when doing EAP, the client MUST know/trust the CA... the server sends
its cert through to the client during the EAP process (creation of TLS tunnel)
and the client must know to trust it

alan


More information about the Freeradius-Users mailing list