Antony King wrote: > The 'live' server is a centos5.5 box. I've tried with the standard > freeradius2 > package (version 2.1.7) and a version compiled from SRPMS in case there was a > problem with ttls in that version. The configuration was copied over from the > test server, with new keys generated but otherwise unchanged.
Were the certs re-generated? They depend on the keys. > Locally, it authenticates correctly, using the first of the two commands > above. If I try and authenticate from a remote system (eg, a NAS or my test > server), it refuses to do the ttls negotiation. This is the kind of problem where I would suggest "don't even try to debug it." Instead, follow the EAP howto on my web site (http://deployingradius.com). It will be faster and less work to re-create a working system, than to debug a broken one. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
