I have setup freeradius-1.1.4 for 802.1x authentication and tested it successfully using eapol_test. When I try to authenticate a voip phone, that uses the same certificate as I used before with eapol_test, authentication fails. radiusd -AX shows: ...
rad_check_password: Found Auth-Type EAP^M auth: type "EAP"^M Processing the authenticate section of radiusd.conf^M modcall: entering group authenticate for request 1^M rlm_eap: Request found, released from the list^M rlm_eap: EAP/tls^M rlm_eap: processing type tls^M rlm_eap_tls: Authenticate^M rlm_eap_tls: processing TLS^M rlm_eap_tls: Received EAP-TLS ACK message^M rlm_eap_tls: No SSL info available. Waiting for more SSL data.^M eaptls_verify returned 1 ^M eaptls_process returned 13 ^M ... 'Waiting for more SSL data' seems to be the interesting point. freeradius is obviously waiting for some data from the client. Is there anything I can configure on the server side or is this a problem with the switch/ the voip phone? The logfile is at http://www.wegener-net.de/fr/typescript.txt Norbert Wegener - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html