EAP fails on TLS protocol version with Windows 7, works fine with Windows 10

Alan DeKok aland at deployingradius.com
Mon Nov 23 17:58:41 CET 2020

On Nov 23, 2020, at 11:32 AM, Jochem Sparla <J.Sparla at iolan.com> wrote:
> I checked and enabled TLS 1.1 and 1.2 as described.
> With 1.0 + 1.1 + 1.2 enabled, the problem stays the same.

  Was this on the Windows system?

  The issue isn't that TLS 1.0, etc. are enabled.  The issue is that TLS 1.3 is enabled.  You need to turn that off.

> With 1.0 disabled, and 1.1 + 1.2 enabled, the problem changes.
> I now get a "WARNING: !! EAP session for state 0x*************** did not finish!".
> I searched: this is usually a certificate or MTU problem.
> I do not use certificates at the moment. In Windows configuration 'check server certificate' is not checked.
> I changed the MTU of the client from 1500 to 1250 and 1000, without success.
> What else can be causing this?

  As I said, the Windows system is doing TLS 1.3.  You have to turn that off.

  Alan DeKok.

More information about the Freeradius-Users mailing list