Hi, I am trying to get 802.1x authentication setup for a 802.11 client in windows. I am using Freeradius version 0.8.1 with the following combination of Openssl releases
openssl-0.9.6g.tar.gz openssl-0.9.7-beta3.tar.gz openssl-SNAP-20021027.tar.gz The Freeradius makefile points to the SNAP version of openssl. I basically followed the instructions at the website: http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm#3 Using a Windows 2000 client (with SP3 and 802.1x patch): I turned off WEP encryption. The client was able to authenticate successfully according to the Ethereal capture. But it keeps sending an EAPOL start message after a EAP Success packet is received. The EAPOLDBG trace messages in windows says "Dropping invalid SUCCESS packet". Why would a SUCCESS packet be invalid ? XP client: I then setup an XP client with encryption turned off. Authentication was successful and there were no msgs about invalid packets. EAPOL start was resent after about 10-12 minutes. This is different from the EAPOL logoff messages (I saw these as well) that are sent for automatic re-authentication. I turned on WEP encryption and it resent the EAPOL start message immediately after a EAP success was received just like in the Windows 2000 case. I believe this is not normal behaviour. There should not be re-authentication without a reason. I am not sure how to go about debugging this problem. Has anyone seen this king of behaviour before ? If so, please email me your fix. I am not in the list, so please please email me your replies. Thanks a lot Suneeta D. Software Engineer 3eTi Inc. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
