Hi, thanks for your reply.
Am 04.04.2011 16:27, schrieb Stefan Winter:
The original radius has a trusted certificate, signed by our CA. The clone has also a trusted certificate with its DN registred in DNS. I edited the corresponding section in eap.conf and placed the filename of the new certificate- and keyfile.Hi, PEAP can work with or without client certs. Both run through the "tls" instance; that is no error. The problem is much rather here:Sending Access-Challenge of id 219 to ... port 32769 Waking up in 2.0 seconds. Cleaning up request 0 ID 219 with timestamp +3 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0x3abc7e1c3abf6764 did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests.The client probably doesn't like the server certificate, and stops talking to the server. When you cloned your RADIUS server, did you give the clone a different certificate afterwards? FreeRADIUS will generate a sample one on first start. If your client only trusts the old one, it won't talk to the new one...
private_key_file = ${certdir}/roaming.key
certificate_file = ${certdir}/roaming.pem
The certificates were generate with the same attributes (exept the DN).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
