> I have working, fresh FreeRADIUS 2.1.6 configuration with certificates for > EAP-TLS in wireless network - Access-Accept with real AP and eapol_test > tool. An attempt to use this environment (except NAS) for wired network - > this same client (MS Vista), server and certs unfortunately doesn't work > (logs below). Changing authentication protocol to MSCHAP allow to > authenticate client. Can anybody explain this?
That Vista supplicant is broken: ... > rad_recv: Access-Request packet from host 82.177.110.254 port 1031, id=10, > length=132 > State = 0xa0f2d08ba418ddd73e9644301c3ef096 > NAS-Port-Type = Ethernet > User-Name = "user" > NAS-IP-Address = 192.168.167.10 > NAS-Port = 2 > Framed-MTU = 1000 > NAS-Port-Id = "Port 2" > Calling-Station-Id = "00-21-70-88-3f-c1" > Called-Station-Id = "00-30-4f-64-76-eb" > Message-Authenticator = 0xfbc6c2b85d0058ca9db53c130e84189c ... > [eap] No EAP-Message, not doing EAP > ++[eap] returns noop ... It stopped doing EAP for some reason. There is no EAP-Message in that last packet. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html