Hi Phil,
All authentication was stopped at 18:59:36 2011 : Error: TLS Alert
write:fatal:bad record mac
Tue Jun 7 18:59:34 2011 : Auth: Login OK: [s9540746] (from client localhost
port 0) Tue Jun 7 18:59:35 2011 : Auth: Login OK: [s0182695] (from client
localhost port 0)
Tue Jun 7 18:59:35 2011 : Auth: Login OK: [s9540746] (from client AP1840-7
port 0 cli 8C-7B-9D-AC-DE-88) Tue Jun
7 18:59:35 2011 : Auth: Login OK: [s0182695] (from client wlan2_phy port 0 cli
8C-7B-9D-C5-1D-A5)
Tue Jun 7 18:59:36 2011 : Error: TLS Alert write:fatal:bad record mac
Tue Jun 7 18:59:36 2011 : Error: rlm_eap: SSL error error:1408F119:SSL
routines:SSL3_GET_RECORD:decryption failed or bad record mac
Tue Jun 7 18:59:36 2011 : Error: rlm_eap_tls: SSL_read failed in a system call
(-1), TLS session fails.
Tue Jun 7 18:59:36 2011 : Auth: Login incorrect: [s1017761/] (from client wlan2_phy port 0 cli 8C-7B-9D-9C-29-21)
Tue Jun 7 18:59:36 2011 : Error: TLS Alert write:fatal:bad record mac Tue Jun
7 18:59:36 2011 : Error: rlm_eap: SSL error error:1408F119:SSL
routines:SSL3_GET_RECORD:decryption failed or bad record mac Tue Jun 7
18:59:36 2011 : Error: rlm_eap_tls: SSL_read failed in a system call (-1), TLS
session fails.
Tue Jun 7 18:59:36 2011 : Auth: Login incorrect: [s1001903/] (from client AP1840-6 port 0 cli 8C-7B-9D-A4-95-AE) Tue Jun 7
18:59:36 2011 : Info: rlm_eap_mschapv2: Issuing Challenge Tue Jun 7 18:59:36
2011 : Info: rlm_eap_mschapv2: Issuing Challenge Tue Jun 7 18:59:36 2011 :
Error: TLS Alert write:fatal:bad record mac Tue Jun 7 18:59:36 2011 : Error:
rlm_eap: SSL error error:1408F119:SSL routines:SSL3_GET_RECORD:decryption
failed or bad record mac Tue Jun 7 18:59:36 2011 : Error: rlm_eap_tls:
SSL_read failed in a system call (-1), TLS session fails.
Regards
Angus
ITU Systems
Ext: 6551
-Original Message-
From: freeradius-users-bounces+ajiang=ouhk.edu...@lists.freeradius.org
[mailto:freeradius-users-bounces+ajiang=ouhk.edu...@lists.freeradius.org] On
Behalf Of Angus JIANG Jian
Sent: Monday, June 13, 2011 10:53 PM
To: FreeRadius users mailing list
Subject: RE: "Error: rlm_ldap: All ldap connections are in use"
Hi,
Our ldap server is Novell edirectory 8.6 , the radius is taking with
edirectory8.6.
Regards
Angus
ITU Systems
Ext: 6551
-Original Message-
From: freeradius-users-bounces+ajiang=ouhk.edu...@lists.freeradius.org
[mailto:freeradius-users-bounces+ajiang=ouhk.edu...@lists.freeradius.org] On
Behalf Of Phil Mayers
Sent: Monday, June 13, 2011 10:12 PM
To: freeradius-users@lists.freeradius.org
Subject: Re: "Error: rlm_ldap: All ldap connections are in use"
On 13/06/11 14:44, Angus JIANG Jian wrote:
> we found the following error messages in the RADIUS log "Error:
> rlm_ldap: All ldap connections are in use" on redhat workstation 5 OS.
>
> "Error: Discarding duplicate request from client AP1840-4:1031 - ID:
> 72 due to unfinished request 1017" 7:05pm - Tried to restarted the
> RADIUS daemon but the problem still exist 7:08pm - Tried to increase
> the ldap_connection limit from 15 to 50 but got other error message
> "Info: The maximum number of threads (32) are active, cannot spawn
> new thread to handle request" - Resume the ldap_connection
> limit, the problem still exist
Your LDAP server is taking too long. It's too slow.
Ensure your LDAP database is indexed correctly.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
<>
This e-mail and its attachments, if any, are confidential and contain
information for an intended recipient. The Open University of Hong Kong (OUHK)
disclaims any liability for any loss or damage if this e-mail is received by
any person who is not the intended recipient. E-mail transmissions cannot be
guaranteed to be completely secure, error or virus free. No responsibility is
accepted by the OUHK for any loss or damage arising in any way from receipt or
use thereof. Arrangements or statements appearing to bind OUHK are not binding
upon OUHK unless made in accordance with OUHK's constitution and duly
authorised. OUHK staff are expressly prohibited from breaching applicable law,
infringing third party rights, making defamatory statements and committing
tortious acts by e-mail communications.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
<>
This e-mail and its attachments, if any, are confidential and contain
information for an intended recipient. The Open University of Hong Kong (OUHK)
disclaims any liability for any loss or damage if this e-mail is received by
any person who is not the intended recipient. E-mail transmissions cannot be
guaranteed to be completely secure, error or virus free. No responsibility is
accepted by the OUHK for any loss or damage arising in any way from receipt or
use thereof. Arrangements