eap PEAP + tls 1.3
dextá
dexter7bbot at gmail.com
Wed Feb 8 17:09:01 UTC 2023
Hi,
Windows 11 22h2 does not connect via eap PEAP.
I checked that in freeradius version 3.2.1 PEAP supports tls 1.3, but still
the error below occurs.
https://github.com/FreeRADIUS/freeradius-server/blob/v3.2.x/raddb/mods-available/eap#L490
eap: Peer sent EAP Response (code 2) ID 5 length 34
(14) eap: Continuing tunnel setup
(14) [eap] = ok
(14) } # authorize = ok
(14) Found Auth-Type = eap
(14) # Executing group from file /etc/freeradius/sites-enabled/default
(14) authenticate {
(14) eap: Expiring EAP session with state 0x85400eb38645171a
(14) eap: Finished EAP session with state 0x85400eb38645171a
(14) eap: Previous EAP request found for state 0x85400eb38645171a, released
from the list
(14) eap: Peer sent packet with method EAP PEAP (25)
(14) eap: Calling submodule eap_peap to process data
(14) eap_peap: (TLS) EAP Peer says that the final record size will be 24
bytes
(14) eap_peap: (TLS) EAP Got all data (24 bytes)
(14) eap_peap: (TLS) send TLS 1.3 Alert, fatal bad_record_mac
(14) eap_peap: ERROR: (TLS) Alert write:fatal:bad record mac
(14) eap_peap: (TLS) Server : Need to read more data: error
(14) eap_peap: ERROR: (TLS) Failed reading from OpenSSL: error:1408F119:SSL
routines:ssl3_get_record:decryption failed or bad record mac
(14) eap_peap: ERROR: (TLS) System call (I/O) error (-1)
(14) eap_peap: ERROR: (TLS) EAP Receive handshake failed during operation
(14) eap_peap: ERROR: [eaptls process] = fail
(14) eap: ERROR: Failed continuing EAP PEAP (25) session. EAP sub-module
failed
(14) eap: Sending EAP Failure (code 4) ID 5 length 4
(14) eap: Failed in EAP select
(14) [eap] = invalid
Any tips?
More information about the Freeradius-Users
mailing list