I feel I should put this out there just in case someone else does something as unusual as this:
This morning, one of my staff members reported that her PC, which we're testing 802.1x authentication on, was dropping off the network. I thought to check the logfile and found Wed May 11 10:09:38 2011 : Error: TLS Alert write:fatal:bad record mac Wed May 11 10:09:38 2011 : Error: rlm_eap: SSL error error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac Wed May 11 10:09:38 2011 : Error: SSL: SSL_read failed in a system call (-1), TLS session fails. Googling came up with a lot of hits from this list, but none of the cases seemed to fit exactly. I restarted the daemon to see if there was a problem there but the error came back again. Finally since this seemed to be limited to the one machine alone I did some digging into the environment. Turns out, this is a newish machine, and the old one is still on the network and running. Further, she had just set a reservation for the new PC in DHCP, to use the old one's address. The old one, though, still had the old address. So we had two machines on a single switch port (using a dumb mini-switch), both with the same IP. We reassigned the old PC's IP and haven't seen a problem since. Amazing what can happen when you really screw up your environment. This E-mail, along with any attachments, is considered confidential and may well be legally privileged. If you have received it in error, you are on notice of its status. Please notify us immediately by reply e-mail or call 215-931-0300 / 800-228-8801 and then delete this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person. Thank you for your cooperation. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
