TLS errors and clients sometimes rejected
Rodrigo Abrantes Antunes
rodrigoantunes at pelotas.ifsul.edu.br
Tue Sep 17 15:06:53 UTC 2024
Citando Alan DeKok <aland at deployingradius.com>:
> The client is saying it doesn't like FreeRADIUS, or vice-versa.
cipher_list = "DEFAULT at SECLEVEL=0"
tls_min_version = "1.0"
tls_max_version = "1.2"
These options doesn't say that freeradius should support all tls
versions until 1.2? Why freeradius wouldn't like the TLS version used
by the client?
And why sometimes the same clients are accepted?
I have another freeradius server version 2.2.5 that don't have this
problem, all users can use the internet no matter the client's tls
version.
> There's little to do except upgrade the client.
These are android devices that can't upgrade. I can't ask the students
to buy another cellphone and I need to allow them to access the
internet.
More information about the Freeradius-Users
mailing list