Two more packet captures .... https://dl.dropbox.com/u/11681146/rex_ssl_fail_2.pcapng - Reject Message in packet # 34962
https://dl.dropbox.com/u/11681146/rex_ssl_fail_3.pcapng - Reject Message in packet # 30765 -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: [email protected] On 9/17/12 1:50 PM, "Johnson, Neil M" <[email protected]> wrote: >Here is a link to a Wireshark Capture of the RADIUS traffic during The >users Last event. > >He starts the Authentication Request at packet # 8335 and receives the >reject at packet # 8357. > >https://dl.dropbox.com/u/11681146/rex_ssl_fail.pcapng > >thanks. > >-Neil > > > >-- >Neil Johnson >Network Engineer >The University of Iowa >Phone: 319 384-0938 >Fax: 319 335-2951 >Mobile: 319 540-2081 >E-Mail: [email protected] > > > > > > >On 9/17/12 12:02 PM, "Johnson, Neil M" <[email protected]> wrote: > >>Here is a couple of more log excerpts. >> >> >>-- >>Neil Johnson >>Network Engineer >>The University of Iowa >>Phone: 319 384-0938 >>Fax: 319 335-2951 >>Mobile: 319 540-2081 >>E-Mail: [email protected] >> >> >> >> >> >> >>On 9/17/12 11:13 AM, "Johnson, Neil M" <[email protected]> wrote: >> >>>Here's another trace excerpt... (Attached). >>> >>> >>>-- >>>Neil Johnson >>>Network Engineer >>>The University of Iowa >>>Phone: 319 384-0938 >>>Fax: 319 335-2951 >>>Mobile: 319 540-2081 >>>E-Mail: [email protected] >>> >>> >>> >>> >>> >>> >>>On 9/17/12 11:01 AM, "Johnson, Neil M" <[email protected]> wrote: >>> >>>>Attached is an extract from the RADIUS log, where the user failed SSL >>>>authentication... >>>> >>>>We are running 4.9 with patches... >>>> >>>> >>>>-- >>>>Neil Johnson >>>>Network Engineer >>>>The University of Iowa >>>>Phone: 319 384-0938 >>>>Fax: 319 335-2951 >>>>Mobile: 319 540-2081 >>>>E-Mail: [email protected] >>>> >>>> >>>> >>>> >>>> >>>> >>>>On 9/14/12 3:42 PM, "Heikki Vatiainen" <[email protected]> wrote: >>>> >>>>>On 09/14/2012 07:16 PM, Johnson, Neil M wrote: >>>>> >>>>>> I have a wireless user who a few times a day gets asked to re-enter >>>>>>his >>>>>> credentials on his windows 7 system. After he re-enters his >>>>>>credentials >>>>>> he reconnects fine. I look in the RADIUS logs and see: >>>>>> >>>>>> Mon Sep 10 17:06:58 2012 757006: ERR: EAP PEAP TLS Handshake >>>>>> unsuccessful: 4076: 1 - error:14094417:SSL >>>>>> routines:SSL3_READ_BYTES:sslv3 alert illegal parameter >>>>>> >>>>>> I don't have any more verbose logging at this time (The user is out >>>>>>of >>>>>> the office this week), but I was wondering if anyone else had seen >>>>>>this >>>>>> error message before. >>>>> >>>>>I have seen that just a couple of times but certainly not very often. >>>>>Trace 4 log would be useful to see what happens during the TLS tunnel >>>>>setup. >>>>> >>>>>There's one PEAP related fix in 4.10 patches. What you see may be >>>>>related to PEAP fast reconnect aka session resumption. The patch fixes >>>>>problems with windows clients. >>>>> >>>>>The problem does not cause the error you are seeing so it may be >>>>>related >>>>>to some other client. However, if you can apply the patch, it might be >>>>>worth trying. >>>>> >>>>>Thanks, >>>>>Heikki >>>>> >>>>>-- >>>>>Heikki Vatiainen <[email protected]> >>>>> >>>>>Radiator: the most portable, flexible and configurable RADIUS server >>>>>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, >>>>>Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, >>>>>TLS, >>>>>TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, >>>>>DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, >>>>>NetWare etc. >>>>>_______________________________________________ >>>>>radiator mailing list >>>>>[email protected] >>>>>http://www.open.com.au/mailman/listinfo/radiator >>>> >>> >> > _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
