no response from eap challenge
aland at deployingradius.com
Mon May 10 21:44:40 CEST 2021
On May 10, 2021, at 1:31 PM, Bill Schoolfield <bill at billmax.com> wrote:
> I'm having difficulty getting eap-ttls to work for a cambium 450 AP and SM. As far as I know (I took over this project from someone else), I have a relatively stock setup (using the cert generated by freeradius, etc) with few changes to configuration. Initially I tried to get the cambium equipment working and ran into tls versions issues. It appears the cambium equipment only works on tls 1.0 (yes I know this is bad). So I've set the min and max tls versions accordingly. Now I have the situation where the server gets no response from the eap challenge.
That's almost always due to the client not liking (or knowing about) the server certificate, and/or the CA cert.
> I also have tried the radeapclient and I get the same result. The log for the radeapclient and freeradius are listed below. Suggestions on what is wrong?
radeapclient does EAP-MD5. It doesn't do EAP-TLS. You'll need eapol_test for that.
Make sure that the supplicant has the correct CA configured. And hopefully the supplicant has useful logs. :(
More information about the Freeradius-Users