On 8/29/06, Tilen <[EMAIL PROTECTED]> wrote:
So here comes something really weird:
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.1.1:3072, id=0,
length=147
User-Name = "test"
NAS-IP-Address = 192.168.1.1
Called-Station-Id = "004010100003"
Calling-Station-Id = "000e3557c74e"
NAS-Identifier = "004010100003"
NAS-Port = 30
Framed-MTU = 1400
State = 0x123b5c7e213692f7121dbe4052274024
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0202001119800000000715030100020230
Message-Authenticator =
0xd65ea4a0e55f28c1e76a6b51f9ec9467
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
That's a tls1.0 Alert message the part "....1503...". Therefore the
openssl lib bails out of further processing as specified in RFC2246.
Thats (arguably somewhat hard to understand) also mentioned int the
output:
3447:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown
ca:s3_pkt.c:1052:SSL alert number 48
3447:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake
failure:s3_pkt.c:837:
So your client wasn't able to fiind a correct CA certificate for the
cert freeradius had sent before. Please see to provide those. If in
doubt, check with dummy ones to be created by CA.all script.
regards
K. Hoercher
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
