Stuck at "More than 50 roundtrips"
thomas at habets.se
thomas at habets.se
Tue Oct 24 20:03:28 UTC 2023
On Tue, 24 Oct 2023 00:48:50 +0100, Alan DeKok <aland at deployingradius.com> said:
>> I'm trying to set up EAP-TLS with certificates with an Android Pixel 7
>> Pro, latest OS, via a Unifi U6 Pro, using FreeRadius 3.0.17
> 3.0.26 has been out for a while. I'd suggest using the most recent
> version. It's likely that the issue is fixed.
tl;dr: It does work with the new version. Thank you for your help, and
I sincerely apologize for not asking my question in the better,
clearly documented, way.
I'll add some notes below merely for archives, in case someone else
encounters this.
> One thing which could be an issue is that EAP-TLS was updated for
> TLS 1.3. Version 3.0.26 has those updates. 3.0.17 doesn't. And
> the Android system is likely trying to use TLS 1.3
The debug output with 3.0.17 mentioned ignoring some TLS 1.3. On the
Android side I could only choose minimum, not maximum, TLS
version. I'd tried setting min and max version on the FreeRadius side,
but it did not help.
> Upgrade. If it works, move on to something else.
Yup, no need to run older versions just because it's the one packaged
with the distribution.
Thanks again!
--
typedef struct me_s {
char name[] = { "Thomas Habets" };
char email[] = { "thomas at habets.se" };
char kernel[] = { "Linux" };
char *pgpKey[] = { "http://www.habets.pp.se/pubkey.txt" };
char pgp[] = { "9907 8698 8A24 F52F 1C2E 87F6 39A4 9EEA 460A 0169" };
char coolcmd[] = { "echo '. ./_&. ./_'>_;. ./_" };
} me_t;
More information about the Freeradius-Users
mailing list