How to investigate failed Android authentication (EAP-TLS) on WiFi reconnection
dbarbon at olicom.eu
Thu Nov 10 15:46:56 UTC 2022
Hello, I've a Linux Ubuntu 18.04 server with Freeradius 3.0.16 on x86_64
Freeradius is used only to provide Android devices authentication
(EAP-TLS); the authentication works.
The WiFi network was installed by my client: it is a geographical
distributed WiFi with a controller and 10 access points.
Sometimes, when one smartphone moves out of WiFi network area and then
come back, the connection to WiFi fails. I can reconnect only after a
WiFi off / on from Android network settings.
I want to investigate this behaviour; I've found these recurring errors
inside last month log files:
ERROR: rlm_eap (EAP): No EAP session matching state 0x3d4e1475385119b8
ERROR: TLS Alert write:fatal:protocol version
ERROR: TLS Alert read : fatal:unknown CA
ERROR: (658258) eap_tls: ERROR: TLS Alert read : fatal : internal error
ERROR: (644636) eap_tls: ERROR: TLS Alert read : fatal:bad certificate
ERROR: (639156) eap: ERROR: rlm_eap (EAP): Aborting! More than 50
roundtrips made in session with state 0xfd858905cfb18490
ERROR: (367333) eap_tls: ERROR: TLS Alert write:fatal:protocol version
Could you please suggest a debug checklist / debug process to help me
understand why this behaviour happen?
More information about the Freeradius-Users