EAP TLS fatal protocol version

Alan DeKok aland at deployingradius.com
Sun Jun 25 13:22:55 UTC 2023


On Jun 24, 2023, at 12:52 PM, Roudi via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> I recently got a VPS for my RADIUS server as I am having issues keeping my local server online due to prolonged rolling blackouts.
> 
> My new server is Ubuntu 22.04.2 and I have installed the latest FreeRADIUS v3.2.3 and I am using MySQL. My FreeRADIUS server is working perfectly for PPPoE authentication on Mikrotik. My problem comes in on my Ubiquiti Sectors where I have WPA2-Enterprise Authentication on the WiFi devices. My old server is running Ubuntu 18 with FreeRadius v3.0, and on that server my WPA2-Enterprise authentication is working perfectly.
> 
> The error I am getting on the new server looks like this in the log file:
> 
> (6) eap: Calling submodule eap_peap to process data
> (6) eap_peap: (TLS) EAP Peer says that the final record size will be 62 bytes
> (6) eap_peap: (TLS) EAP Got all data (62 bytes)
> (6) eap_peap: (TLS) Handshake state - before SSL initialization
> (6) eap_peap: (TLS) Handshake state - Server before SSL initialization
> (6) eap_peap: (TLS) Handshake state - Server before SSL initialization
> (6) eap_peap: (TLS) recv TLS 1.3 Handshake, ClientHello
> (6) eap_peap: (TLS) send TLS 1.0 Alert, fatal protocol_version

  That's the critical message.

> The problem looks like the client is sending a TLS 1.3 Handshake, and FreeRADIUS is replying with a TLS 1.0 reply.

  Yes.  But that's not happening.  OpenSSL is lying to us.

  What's really happening is that the supplicant is sending a TLS 1.0 handshake, and OpenSSL tells FreeRADIUS it's TLS 1.3.  That information is only used for this message, and FreeRADIUS knows to ignore it.  OpenSSL will later change its mind, and tell us the correct version of TLS.

  Since the client is sending TLS 1.0, FreeRADIUS has to send back TLS 1.0 in any message back to the client.  So that's what is really happening.

> I have also noticed that Ubuntu 22 is using OpenSSL 3.0.2 15 and Ubuntu 18 was using OpenSSL 1.1.1. And this is where, I suspect, my problem is, but I am unsure how to get around this.

  Ubuntu 18 allows TLS 1.0.  Ubuntu 22 doesn't.

  You should really upgrade the supplicant to use TLS 1.2.  TLS 1.0 has been out of date for a very long time.  It's also been officially deprecated, which is why Ubuntu 22 doesn't allow you to use it.

> What I have tried:
> * Setting TLS Max version to 1.3 in eap config

  Set tls_min_version = 1.0

  And then update the various other configuration options for TLS 1.0.  See mods-available/eap, and look for "TLS 1.0".

> Is there anyone out there that got WPA2-Enterprise authentication working on FreeRADIUS 3.0 or 3.2 on Ubuntu 22?

  Yes:

* use TLS 1.2, and there will be nothing special required

* if the supplicants use TLS 1.0, then upgrade them.

* otherwise if you can't upgrade, then configure FreeRADIUS for TLS 1.0 as described above.

  But using TLS 1.0 is a bad idea.  Old / insecure protocols shouldn't be used.

  Alan DeKok.
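A small log-triage script, added here as an example and not part of the thread or of FreeRADIUS itself, that scans debug output like the lines quoted above for the fatal protocol_version alert and reports which TLS version each refused supplicant actually offered. Following the explanation above, it reads the version from the alert FreeRADIUS sent back and ignores the version on the "recv" line. The sample log is constructed from the lines in the thread plus one made-up request that negotiates normally.

```python
import re
from collections import Counter

# Constructed sample: request (6) is the thread's own debug output; request (7)
# is a made-up successful handshake so the script has a non-match to skip.
SAMPLE_LOG = """\
(6) eap: Calling submodule eap_peap to process data
(6) eap_peap: (TLS) EAP Peer says that the final record size will be 62 bytes
(6) eap_peap: (TLS) EAP Got all data (62 bytes)
(6) eap_peap: (TLS) Handshake state - before SSL initialization
(6) eap_peap: (TLS) Handshake state - Server before SSL initialization
(6) eap_peap: (TLS) recv TLS 1.3 Handshake, ClientHello
(6) eap_peap: (TLS) send TLS 1.0 Alert, fatal protocol_version
(7) eap_peap: (TLS) recv TLS 1.3 Handshake, ClientHello
(7) eap_peap: (TLS) send TLS 1.2 Handshake, ServerHello
"""

# Matches the "(TLS) recv/send TLS x.y Handshake|Alert, ..." debug lines.
TLS_LINE = re.compile(
    r"^\((?P<req>\d+)\) (?P<mod>eap_\w+): \(TLS\) "
    r"(?P<dir>recv|send) TLS (?P<ver>\d\.\d) (?P<kind>Handshake|Alert), (?P<detail>.+)$"
)

def protocol_version_failures(log_text):
    """One record per request refused with a fatal protocol_version alert.
    The version on the 'recv ... ClientHello' line is not reported: as the
    thread explains, OpenSSL labels it TLS 1.3 before anything is negotiated.
    The alert is sent in the version the client offered, so that is the
    version of the legacy supplicant."""
    failures = []
    for line in log_text.splitlines():
        m = TLS_LINE.match(line)
        if not m:
            continue
        if m["dir"] == "send" and m["kind"] == "Alert" and "protocol_version" in m["detail"]:
            failures.append({"request": int(m["req"]),
                             "submodule": m["mod"],
                             "alert_version": m["ver"]})
    return failures

def summarize(failures):
    """Count refused handshakes by the TLS version the supplicant offered."""
    return Counter(f["alert_version"] for f in failures)

if __name__ == "__main__":
    fails = protocol_version_failures(SAMPLE_LOG)
    for f in fails:
        print(f"request {f['request']}: {f['submodule']} refused a TLS {f['alert_version']} supplicant")
    print(dict(summarize(fails)))
```

Run it over a full radiusd -X capture to count how many supplicants still offer TLS 1.0 before deciding between upgrading them and lowering tls_min_version.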
