Hello everybody,
my Radius server crashes everytime when the supplicant is trying to
authenticate.
I use Freeradius 0.9.1 on a Linux (Redhat8 Kernel 2.4.20) machine. The supplicant
is also installed on a Linux machine (Xsupplicant 0.7), the authentication
protocol is EAP-TLS. The access point is
i can't say you what the problem is, but it looks like it is NOT linked
against the correct library, since the function which is not found is
NOT part of the 0.9.6 openssl BUT of the 0.9.7b. you probably compiled
with the good version (otherwise it wouldn't compile in the first place)
but the
From: [EMAIL PROTECTED]
Sent: Wednesday, 17 September 2003 8:33 PM
/usr/local/sbin/radiusd:
relocation error: /usr/local/lib/rlm_eap_tls-0.9.1.so:
undefined symbol: SSL_set_msg_callback_arg
Try ldd /usr/local/lib/rlm_eap_tls-0.9.1.so, and see if it's
linking to the correct OpenSSL library.
Hi,
I use WinXP supplicant to authenticate with FreeRADIUS server
by EAP-TLS.
OnRADIUS server debug mode "run-radiusd -X -A", I see
Access-Accept log, and my network adaptor status is authenticated
successfully.
ping AP, I got reply from message, but, after 5 sec, I got
request timeout
Jason Haar [EMAIL PROTECTED] wrote:
The only way I've found to get it to work is to manually
...
There must be a cleaner way... Besides moving to another distro ;-)
Find out what is in 0.9.7b, which isn't in 0.9.6, and create patches
for FreeRADIUS to work with 0.9.6.
The server can get
Hi,
I was succesfully using eap-tls with freeradius
version 0.8.1. Last week I checkedout the latest CVS
version as there have been some changes in EAP-TLS
module in the latest Version. I re-configured it only
to run into some problems. It breaks dowm before
starting the TLS Handshake.
I
pankaj Goel wrote:
TLS_accept: before/accept initialization
Segmentation fault
I got the same thing with using wrong libcrypto (0.9.6 instead 0.9.7)
shared library.
Check your LD_LIBRARY_PATH
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
From: Fabrice Beauvir
Sent: Thursday, 28 August 2003 12:47 AM
pankaj Goel wrote:
TLS_accept: before/accept initialization
Segmentation fault
I got the same thing with using wrong libcrypto (0.9.6 instead 0.9.7)
shared library.
Check your LD_LIBRARY_PATH
Was this because you
--- Paul Hampson [EMAIL PROTECTED] wrote:
From: Fabrice Beauvir
Sent: Thursday, 28 August 2003 12:47 AM
pankaj Goel wrote:
TLS_accept: before/accept initialization
Segmentation fault
I got the same thing with using wrong libcrypto
(0.9.6 instead 0.9.7)
shared library.
pankaj Goel [EMAIL PROTECTED] wrote:
Yeah it makes sense, but I am using the same
compilation and run-time varibales for both the 0.8.1
and cvs version like
LD_LIBRAY_PATH=/usr/local/openssl/lib
THe following libs are inluded when i do a
ldd /usr/local/sbin/radiusd
On Thu, Aug 28, 2003 at 01:16:18AM +1000, Paul Hampson wrote:
Was this because you linked against one, but tried to run against
the other, or is there a problem between OpenSSL 0.9.6 and FreeRADIUS's
EAP-TLS?
This wouldn't be a Redhat machine would it?
For better or worse, Redhat still
I tried certificates from Adam Sulmicki's cert.tgz packet. I set the server date to
28.2 and on the laptop to 28.2. (the certificate is valid from and expires on that
day). And the EAP/TLS authentication worked!
I finally got:
Sending Access-Accept of id 50 to 194.142.202.102:6001
you can DEFINITLY use openssl in order to produce valid certificates,
both for windows AND freeradius (which uses openssl).
the certification path is not valid probably because the root
certificate which you installed under windows expired.
ciao
artur
I know that many people have managed to
Fri Aug 8 14:13:30 2003 : Info: Using deprecated naslist
file. Support for this will go away soon.Fri Aug 8 14:13:30 2003
: Info: Using deprecated clients file. Support for this will go away
soon.Fri Aug 8 14:13:30 2003 : Info: Using deprecated realms
file. Support for this will go away
that's why i'm trying to reassure you. it probably has nothing to do
with the version of openssl. every suite has to produce compliant
certificates. the certificate format is mandated by its form.
just verify all the certificates you installed. it's a small error
somewhere.
ciao
artur
Antti
you can DEFINITLY use openssl in order to produce valid certificates,
both for windows AND freeradius (which uses openssl).
the certification path is not valid probably because the root
certificate which you installed under windows expired.
ciao
artur
Antti Mattila wrote:
I tried certificates
Hi,
Follow the steps of this articule abaut dinamic libraries
http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm
good luck
omar.
wen-hong wrote:
Fri Aug 8 14:13:30 2003 : Info: Using deprecated naslist file. Support
for this will go away soon.
Fri Aug 8 14:13:30 2003 : Info: Using
# An example configuration for using /etc/smbpasswd.
#
#passwd etc_smbpasswd {
# filename = /etc/smbpasswd
# format =
*User-Name::LM-Password:NT-Password:SMB-Account-CTRL-TEXT::
# authtype = MS-CHAP
# hashsize = 100
#
Hi,
I have a wireless network with cisco aironet 350 AP and a cisco card
and I use win xp as
supplicant.
If I don't use (in win XP) the the key is provided for me
automatically it's all ok.
When I enable that option I have same problems, the authentication is
ok the cisco ap write
hi
the thread name is actually wrong since this is not a problem in
EAP-TLS.
I have a wireless network with cisco aironet 350 AP and a cisco card
and I use win xp as
supplicant.
If I don't use (in win XP) the the key is provided for me
automatically it's all ok.
nice, so EAP-TLS is
Here's some more info on the problem I have:
The client has a valid certificate, as well as the server. Both of them
can validate each others certificate using a valid root certificate.
However, the states of the second rad-access-cha packet of the server
and the rad-access-req answer packet from
I have freeradius up and running. on the client side I use a odyssey
client manager (newest version). Once I try the authentication messages
are sent back and forth as I could see from the tcpdump trace. In short
it looks like:
radius: rad-access-req 198 [id 1]
rad-access-cha 84 [id 1]
Hi there!
I've got a big prob. Thanks to the excellent howto of Adam Sulmicki, I finally
managed to move back from my Win2k RADIUS towards freeRADIUS. I'm using
freeRADIUS with eap tls enabled (cvs snaptshot 2002-04-08), a 3Com 8000 WLAN
AP and xsupplicant under Linux to auth via
Sebastian Rieger wrote:
Hi there!
I've got a big prob. Thanks to the excellent howto of Adam Sulmicki, I finally
managed to move back from my Win2k RADIUS towards freeRADIUS. I'm using
freeRADIUS with eap tls enabled (cvs snaptshot 2002-04-08), a 3Com 8000 WLAN
AP and xsupplicant under
Sebastian Rieger [EMAIL PROTECTED] wrote:
The messages look quite ok, but as soon as the secand request is
handeled EAP is complainig about rlm_eap: State verification
failed.. As I looked out for the State Attribute of the last
message, I found it some chars shorter than it was in the
25 matches
Mail list logo