Hi Ivan Ok i managed to install ca.der and client.p12 on my XP
When i run radiusd -X i get rad_recv: Access-Request packet from host 203.121.4.59 port 6001, id=30, length=216 User-Name = "devin...@palettemm.com" NAS-IP-Address = 203.121.4.59 Called-Station-Id = "00-20-a6-6c-49-9d:palstaff" Calling-Station-Id = "00-04-23-7b-56-b9" NAS-Identifier = "ORiNOCO-AP-700-6c-49-9d" State = 0xf30ae66df60debd09c91249e7b82f0a9 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0207002c0d000116030100205a6f866d20eb642ddc9f404f90d8650422eb751e7bb0199a016bb14e384df6fa Message-Authenticator = 0x06206416bbe520db012eb924f72ba75e +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] Looking up realm "palettemm.com" for User-Name = "devin...@palettemm.com" [suffix] No such realm "palettemm.com" ++[suffix] returns noop [eap] EAP packet type response id 7 length 44 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound [files] users: Matched entry devin...@palettemm.com at line 94 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/tls [eap] processing type tls [tls] Authenticate [tls] processing EAP-TLS [tls] eaptls_verify returned 7 [tls] Done initial handshake [tls] <<< TLS 1.0 Handshake [length 03b2], Certificate --> verify error:num=20:unable to get local issuer certificate [tls] >>> TLS 1.0 Alert [length 0002], fatal unknown_ca TLS Alert write:fatal:unknown CA TLS_accept:error in SSLv3 read client certificate B rlm_eap: SSL error error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned SSL: SSL_read failed in a system call (-1), TLS session fails. TLS receive handshake failed during operation [tls] eaptls_process returned 4 [eap] Handler failed in EAP/tls [eap] Failed in EAP select ++[eap] returns invalid Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> devin...@palettemm.com attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 6 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 6 Sending Access-Reject of id 30 to 203.121.4.59 port 6001 EAP-Message = 0x04070004 Message-Authenticator = 0x00000000000000000000000000000000 Waking up in 3.8 seconds. Cleaning up request 0 ID 24 with timestamp +83 Cleaning up request 1 ID 25 with timestamp +83 Cleaning up request 2 ID 26 with timestamp +83 Cleaning up request 3 ID 27 with timestamp +83 Cleaning up request 4 ID 28 with timestamp +83 Cleaning up request 5 ID 29 with timestamp +83 Waking up in 1.0 seconds. Cleaning up request 6 ID 30 with timestamp +83 Ready to process requests. Users File "devin...@palettemm.com" Auth-Type := EAP DEFAULT Auth-Type := Reject Reply-Message = "Authentication Failed" 2009/8/3 Ivan Kalik <t...@kalik.net>: >> Do i copy this file to the XP and install ca.der >> >> ca.der and client.p12 > > Yes. > > Ivan Kalik > Kalik Informatika ISP > > -- Devinder - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html