Hi everybody.
I configured FreeRADIUS 2.1.10 on Debian 6.0.2 using EAP-TLS authentication. I
generated the client and server certificates with the XP extensions. I created my
certificates on the FreeRADIUS server; is that OK, or do I have to create them on a
different machine? I am validating my client (Windows XP) with the server and
I get this error:
I would appreciate any help. I would like to know if this is a certificate
error or a configuration error on my FreeRADIUS server.
[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 178 to 129.90.74.5 port 1645
EAP-Message =
0x0104040019c0064f1603010031022d03014edce8c088d0ccb9d81d6bc20a71c020036346ce7536b0670cb3fc0b5ba5a2710405ff01000100160301060b0b0006070006040002a5308202a13082020aa003020102020900bc739ec037c017e3300d06092a864886f70d0101050500307b310b30090603550406130256453110300e060355040813074d6972616e646131163014060355040a130d504456534120496e7465766570310c300a060355040b13034149543111300f06035504031408776c616e5f696e743121301f06092a864886f70d0109011612726f6a61736561744070647673612e636f6d301e170d313131313233
EAP-Message =
0x30820355308202bea003020102020900bc739ec037c017e2300d06092a864886f70d0101050500307b310b30090603550406130256453110300e060355040813074d6972616e646131163014060355040a130d504456534120496e7465766570310c300a060355040b13034149543111300f06035504031408776c616e5f696e743121301f06092a864886f70d0109011612726f6a61736561744070647673612e636f6d301e170d3131313132333133313431315a170d3134313132323133313431315a307b310b30090603550406130256453110300e060355040813074d6972616e646131163014060355040a130d504456534120496e7465766570
EAP-Message = 0x310c300a060355040b130341
Message-Authenticator = 0x
State = 0xf5ff3d38f4fb24f2be48500aba47bfca
Finished request 17.
Going to the next request
Waking up in 2.5 seconds.
rad_recv: Access-Request packet from host 129.90.74.5 port 1645, id=179, length=164
User-Name = "PDVSA2000\\torrealbaw"
Framed-MTU = 1400
Called-Station-Id = "0011.92ea.0800"
Calling-Station-Id = "0021.917e.09cd"
Service-Type = Login-User
Message-Authenticator = 0x6961ce4663c1662815347ab4a19f4ef7
EAP-Message = 0x020400061900
NAS-Port-Type = Wireless-802.11
NAS-Port = 328
State = 0xf5ff3d38f4fb24f2be48500aba47bfca
NAS-IP-Address = 129.90.74.5
NAS-Identifier = "mw-ltqN3-P2-01"
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "PDVSA2000\torrealbaw", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 179 to 129.90.74.5 port 1645
EAP-Message =
0x0105025f190049543111300f06035504031408776c616e5f696e743121301f06092a864886f70d0109011612726f6a61736561744070647673612e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100aa6f9c699adcab8d163da107a7a1b20c4cddf0c57a85fa78c2fcfa6b697421ea874506930ba8b278d4709fc055b54a00a93ef84a816d2ca34ebf14876fe836dab07c09202f354da91a14a38d7cad27089b478a569be38a72287d93476bceea425c55d314a5d488b01ab56e5a31c1cd72abef98fcea39f06889dbc1ab7c9708170203010001a381e03081dd301d06