[PacketFence-users] 802.1x configuration

Mon, 08 Aug 2016 09:14:49 -0700 

First let me explain what I'm trying to do.  I'm trying to setup PacketFence to 
use mac and 802.1x authentication.  I have the mac address Authentication setup 
fine.  I can login through 802.1x with eap and have it authenticate against my 
domain no problem.  Works great.  Now my problem is my Windows machines with 
certificates.   I have a certificate attached to the client and my windows 
server.  Through Microsoft Radius it worked great.  In PacketFence it fails 
authentication.  When I look at the radius.log it gives me the below error.  
Can anybody help me understand what CA it wants.  Do I use PacketFence certs or 
do I import the Windows CA to PacketFence?


Mon Aug 8 10:23:22 2016 : Info: Ready to process requests

Mon Aug 8 10:23:41 2016 : ERROR: (4) eap_peap: ERROR: TLS Alert 
read:fatal:unknown CA

Mon Aug 8 10:23:41 2016 : ERROR: (4) eap_peap: ERROR: TLS_accept: Failed in 
SSLv3 read client certificate A

Mon Aug 8 10:23:41 2016 : ERROR: (4) eap_peap: ERROR: Failed in __FUNCTION__ 
(SSL_read)

Mon Aug 8 10:23:41 2016 : Auth: (4) Login incorrect (eap_peap: TLS Alert 
read:fatal:unknown CA): [host/test.abc.efg] (from client 10.1.1.5 port 2 cli 
f0:1f:af:4e:db:74)

Mon Aug 8 10:23:41 2016 : [mac:f0:1f:af:4e:db:74] Rejected user: host/abc.efg

Mon Aug 8 10:43:42 2016 : ERROR: (9) eap_peap: ERROR: TLS Alert 
read:fatal:unknown CA

Mon Aug 8 10:43:42 2016 : ERROR: (9) eap_peap: ERROR: TLS_accept: Failed in 
SSLv3 read client certificate A

Mon Aug 8 10:43:42 2016 : ERROR: (9) eap_peap: ERROR: Failed in __FUNCTION__ 
(SSL_read)

Mon Aug 8 10:43:42 2016 : Auth: (9) Login incorrect (eap_peap: TLS Alert 
read:fatal:unknown CA): [host/abc.efg] (from client 10.1.1.5 port 2 cli 
f0:1f:af:4e:db:74)

Mon Aug 8 10:43:42 2016 : [mac:f0:1f:af:4e:db:74] Rejected user: host/abc.efg


------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. http://sdm.link/zohodev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to