Freeradius-Users Digest, Vol 195, Issue 41

mohamed almeshal mohammed.almeshal at hotmail.com
Tue Jul 27 12:22:06 CEST 2021 

Waking up in 0.1 seconds.
 ... new connection request on TCP socket
Listening on auth+acct from client (105.196.196.165, 48321) -> (*, 2083, virtual-server=default)
(0) (TLS) Initiating new session
(0) (TLS) Setting verify mode to require certificate from client
(0) (TLS) Handshake state - before SSL initialization
(0) (TLS) Handshake state - Server before SSL initialization
(0) (TLS) Handshake state - Server before SSL initialization
(0) (TLS) recv TLS 1.3 Handshake, ClientHello
(0) (TLS) Handshake state - Server SSLv3/TLS read client hello
(0) (TLS) send TLS 1.2 Handshake, ServerHello
(0) (TLS) Handshake state - Server SSLv3/TLS write server hello
(0) (TLS) send TLS 1.2 Handshake, Certificate
(0) (TLS) Handshake state - Server SSLv3/TLS write certificate
(0) (TLS) send TLS 1.2 Handshake, ServerKeyExchange
(0) (TLS) Handshake state - Server SSLv3/TLS write key exchange
(0) (TLS) send TLS 1.2 Handshake, CertificateRequest
(0) (TLS) Handshake state - Server SSLv3/TLS write certificate request
(0) (TLS) send TLS 1.2 Handshake, ServerHelloDone
(0) (TLS) Handshake state - Server SSLv3/TLS write server done
(0) (TLS) Server : Need to read more data: SSLv3/TLS write server done
(0) (TLS) In Handshake Phase
(5) Cleaning up request packet ID 1 with timestamp +2
(6) Cleaning up request packet ID 2 with timestamp +2
Waking up in 0.8 seconds.
(0) (TLS) Server : Need to read more data: SSLv3/TLS write server done
(0) (TLS) In Handshake Phase
(0) (TLS) Application data.
(0) FAILED in TLS handshake receive
Closing TLS socket from client port 48321
Client has closed connection
 ... shutting down socket auth+acct from client (105.196.196.165, 48321) -> (*, 2083, virtual-server=default)
Waking up in 0.6 seconds.
detail (/var/log/freeradius/radacct/decoupled-accounting/detail-*:*): Polling for detail file
detail (/var/log/freeradius/radacct/decoupled-accounting/detail-*:*): Detail listener state unopened waiting 0.905778 sec
... cleaning up socket auth+acct from client (105.196.196.165, 40317) -> (*, 2083, virtual-server=default)
Waking up in 1.7 seconds.
 ... new connection request on TCP socket
Listening on auth+acct from client (105.196.196.165, 53800) -> (*, 2083, virtual-server=default)
Waking up in 0.8 seconds.

here is the debug for the situation

these are TLS in default file

listen {
type = auth+acct
ipaddr = *
port = 2083
proto = tcp
limit {
max_connections = 500
lifetime = 0
idle_timeout = 30
}
tls {
private_key_file = ${certdir}/server.pem
certificate_file = ${certdir}/server.pem
ca_file = ${cadir}/ca.pem
dh_file = ${certdir}/dh

fragment_size = 8192

cipher_list = "DEFAULT"
cipher_server_preference = yes
tls_min_version = "1.2"
tls_max_version = "1.3"

cache {
     enable = yes
     lifetime = 24 # hours
}

require_client_cert = yes
}
clients = radsec
}

More information about the Freeradius-Users mailing list