Yup, it appears to be an interaction between the client and our wireless infrastructure.
If the user connects to a different vendor's of AP. It seems to work fine. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 Mobile: 319 540-2081 E-Mail: [email protected] On 9/21/12 10:32 AM, "Johnson, Neil M" <[email protected]> wrote: >Heikki, > >It's looking more and more like a client issue. We gave the user a >different Wireless NIC and they have had no issues. > >We are trying to determine if it's a client and wireless vendor issue or >just the client. > >Thanks for your assistance. > >-Neil > >-- >Neil Johnson >Network Engineer >The University of Iowa >Phone: 319 384-0938 >Fax: 319 335-2951 >Mobile: 319 540-2081 >E-Mail: [email protected] > > > > > > >On 9/18/12 4:13 PM, "Johnson, Neil M" <[email protected]> wrote: > >> >>Heikki, >> >>It's my understanding that he is running the stock windows supplicant. I >>will check. >> >>The customer in question can connect most of the time, it's just that >>every few hours he gets asked to re-enter his credentials, which >>coincides >>with the TLS error messages. >> >> >>Thanks. >>-Neil >> >>-- >>Neil Johnson >>Network Engineer >>The University of Iowa >>Phone: 319 384-0938 >>Fax: 319 335-2951 >>Mobile: 319 540-2081 >>E-Mail: [email protected] >> >> >> >> >> >> >>On 9/18/12 1:47 PM, "Heikki Vatiainen" <[email protected]> wrote: >> >>>On 09/17/2012 11:31 PM, Johnson, Neil M wrote: >>> >>>> Two more packet captures .... >>> >>>Thanks for the captures and Radiator log snippets. I noticed the Windows >>>7 client advertises its support for elliptic curve cryptography cipher >>>suites >>>http://tools.ietf.org/html/rfc4492 >>> >>>Is the PEAP client software user has the one that comes with Windows or >>>maybe something else? The Windows 7 default client should work well with >>>Radiator so I thought is this possibly some other client. >>> >>>The TLS negotiation continues in some of the pcaps with Radiator picking >>>up TLS_RSA_WITH_AES_128_CBC_SHA and I see nothing peculiar there. It's >>>hard to say why some tries end up with alerts. >>> >>>Thanks, >>>Heikki >>> >>>-- >>>Heikki Vatiainen <[email protected]> >>> >>>Radiator: the most portable, flexible and configurable RADIUS server >>>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, >>>Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, >>>TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, >>>DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, >>>NetWare etc. >> >>_______________________________________________ >>radiator mailing list >>[email protected] >>http://www.open.com.au/mailman/listinfo/radiator > _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
