> hello,
> i'am trying to use radius authenticate and authorise users by EAP/TTLS
> from XP and Linux ( Debian), i'am using only a « users » like database.
> i'am reading the documentation : http://wiki.freeradius.org
> i've imported root.pem both Windows XP and Linux
...
> the server no sends response, why??
You are not reading the debug log correctly. The server IS sending a
challenge. The NAS (or supplicant) then does not continue with the next
EAP packet.
yes it's exactly,
Odds are you don't have the root certificates configured correctly.
I'am using openssl-0.9.7 to generate the certificats, and i'am importing
root.pem to Linux
> and this log by Windows XP
...
The same thing.
It's a certificate problem. The supplicants have decided that they
don't like the servers certificate. They then stop doing EAP.
can'i use the certificats existing in the freeradius-1.1.7 ? it's
sufficient.
Look at the logs on the supplicant to see why they're stopping EAP.
by linux, I put this
wireshark -i eth0
but any response
by windows, I'va this
start
Request, Identity
Response,MS-EAP-Authentication
Response, NAK (response only)
Request, EAP-TTLS
Client Hello
Request, EAP-TTLS
Response, EAP-TTLS
Server Hello, Certificate, Server Hello Done
Continuation Data
Start
Failure
Alan DeKok.
-
thanks
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
_________________________________________________________________
Découvrez le Blog heroic Fantaisy d'Eragon!
http://eragon-heroic-fantasy.spaces.live.com/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html