Hello,
I have a Freeradius 0.9.3 installation running on a Redhat 9 machine. It works GREAT for my home laptop. Thanks so much for this excellent software. I'm running a DLink 900+ AP and my home laptop has a matching DLink 650+ PCMCIA wireless card. I'm using EAP-TLS on Windows XP and it is working great for that machine. I recently got a new Dell Latitude D600 laptop for work and I cannot seem to get this silly machine to correctly connect to the wireless network using EAP-TLS. I first tried the same certificate I created (using OpenSSL) and have been using on my personal laptop. It gets to Attempting Authentication and just stays there. I also tried creating a new certificate for this machine, but got the same results. I don't see anything obvious in the log file for FreeRadius, but I'm attaching the relevant information in hopes that someone can offer an idea of what might be wrong. The new machine has a built-in Intel(R) PRO/Wireless LAN 2100 3A Mini PCI Adapter. It is running Windows XP + SP1 and patches. I guess I'm unsure why a different wireless card would have trouble, as it seems to talk to the AP just fine. Thanks for any help you can give. Craig Ready to process requests rad_recv: Access-Request packet from host 192.168.0.50:1248, id=106, length=135 User-Name = "csetera" NAS-IP-Address = 192.168.0.50 NAS-Port = 0 Called-Station-Id = "00-40-05-CA-6D-42" Calling-Station-Id = "00-04-23-53-0D-63" NAS-Identifier = "DWL-900AP+" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0201000c0163736574657261 Message-Authenticator = 0xe5b9e009b38dac2fb879dd1a06885026 modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 rlm_eap: EAP packet type notification id 1 length 12 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated for request 0 users: Matched csetera at 91 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns updated for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate for request 0 rlm_eap: EAP packet type notification id 1 length 12 rlm_eap: EAP Start not found rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns ok for request 0 modcall: group authenticate returns ok for request 0 Sending Access-Challenge of id 106 to 192.168.0.50:1248 EAP-Message = 0x010200060d20 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0f1812cd9e34e3291e6614767b2ef0cf2608f73fa740ded30adc1d88ff5b012f9f5b4915 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.50:1248, id=107, length=135 User-Name = "csetera" NAS-IP-Address = 192.168.0.50 NAS-Port = 0 Called-Station-Id = "00-40-05-CA-6D-42" Calling-Station-Id = "00-04-23-53-0D-63" NAS-Identifier = "DWL-900AP+" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0203000c0163736574657261 Message-Authenticator = 0xb189b0090592766341676a4d888e29ea modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 rlm_eap: EAP packet type notification id 3 length 12 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated for request 1 users: Matched csetera at 91 modcall[authorize]: module "files" returns ok for request 1 modcall: group authorize returns updated for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate for request 1 rlm_eap: EAP packet type notification id 3 length 12 rlm_eap: EAP Start not found rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns ok for request 1 modcall: group authenticate returns ok for request 1 Sending Access-Challenge of id 107 to 192.168.0.50:1248 EAP-Message = 0x010400060d20 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xc813bc0205103cd2019947a069e31de32908f73fac424fb83bd323f40336a2002c26867d Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 3 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 106 with timestamp 3ff70826 Waking up in 3 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 107 with timestamp 3ff70829 Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 192.168.0.50:1248, id=108, length=135 User-Name = "csetera" NAS-IP-Address = 192.168.0.50 NAS-Port = 0 Called-Station-Id = "00-40-05-CA-6D-42" Calling-Station-Id = "00-04-23-53-0D-63" NAS-Identifier = "DWL-900AP+" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0205000c0163736574657261 Message-Authenticator = 0x7d374f69da0b52547a736c9dba71cfd0 modcall: entering group authorize for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 rlm_eap: EAP packet type notification id 5 length 12 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated for request 2 users: Matched csetera at 91 modcall[authorize]: module "files" returns ok for request 2 modcall: group authorize returns updated for request 2 rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate for request 2 rlm_eap: EAP packet type notification id 5 length 12 rlm_eap: EAP Start not found rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns ok for request 2 modcall: group authenticate returns ok for request 2 Sending Access-Challenge of id 108 to 192.168.0.50:1248 EAP-Message = 0x010600060d20 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x90c8276fb1b85771e266008d8374c9874708f73fb6c346dcc8687d12328a5c0e6ddfff3b Finished request 2 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.50:1248, id=109, length=241 User-Name = "csetera" NAS-IP-Address = 192.168.0.50 NAS-Port = 0 Called-Station-Id = "00-40-05-CA-6D-42" Calling-Station-Id = "00-04-23-53-0D-63" NAS-Identifier = "DWL-900AP+" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020600500d800000004616030100410100003d03013ff7084e23a0dc39789f221340229262b6ac939e26f5bf00b82859a59a2bc7d800001600040005000a000900640062000300060013001200630100 State = 0x90c8276fb1b85771e266008d8374c9874708f73fb6c346dcc8687d12328a5c0e6ddfff3b Message-Authenticator = 0xa2735b37679a5b259c808d3aafef1ff8 modcall: entering group authorize for request 3 modcall[authorize]: module "preprocess" returns ok for request 3 rlm_eap: EAP packet type notification id 6 length 80 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated for request 3 users: Matched csetera at 91 modcall[authorize]: module "files" returns ok for request 3 modcall: group authorize returns updated for request 3 rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate for request 3 rlm_eap: EAP packet type notification id 6 length 80 rlm_eap: EAP Start not found rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: Length Included undefined: before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0674], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 00a8], CertificateRequest TLS_accept: SSLv3 write certificate request A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A rlm_eap_tls: SSL_read Error Error code is ..... 2 SSL Error ..... 2 modcall[authenticate]: module "eap" returns ok for request 3 modcall: group authenticate returns ok for request 3 Sending Access-Challenge of id 109 to 192.168.0.50:1248 EAP-Message = 0x0107040a0dc000000775160301004a0200004603013ff7084720d989adedcef68233466369eb4e611e9c53cf8010aa63b5a468ef4e200c5801f095434c442a081ea007869c95ce7e0cd9c358cb000de5960097c9258900040016030106740b00067000066d0002c8308202c43082022da003020102020101300d06092a864886f70d0101040500308196310b300906035504061302555331123010060355040813094d696e6e65736f74613112301006035504071309526f63686573746572310f300d060355040a130653657465726131143012060355040b130b536574657261486f7573653111300f06035504031308536574657261434131253023 EAP-Message = 0x06092a864886f70d01090116167365746572616a756e6b40636861727465722e6e6574301e170d3033303431353031323335335a170d3038303431333031323335335a30819f310b300906035504061302555331123010060355040813094d696e6e65736f74613112301006035504071309526f63686573746572310f300d060355040a130653657465726131143012060355040b130b536574657261486f757365311a3018060355040313117365746572612e676f74646e732e6f72673125302306092a864886f70d01090116167365746572616a756e6b40636861727465722e6e657430819f300d06092a864886f70d010101050003818d003081 EAP-Message = 0x8902818100a811bb47cecf7b0f9fbe6b1dbcf02bcec5f0e2ca60794f11d0a2c1a01892bfd6aa9293e4c8d557a23814aacae9c0f50367df4843edc0ddd1573d8585e9a04f7e3586c4bb0347dcb9eb5beab2298901a28bb798027a6e5e3c691a388e93eaccef33520ca7328b9a43f73ad66ee7dedafe4d14c29deb953a579b5467def5fff1710203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d01010405000381810039efb2b87a31df7125afeaa0ebb0f1a174bc6ac8acd57dabc8c0e22aad93d7ba805ba580690989a27293ce88627341870490128d530802e49388dbccaa4125f324e226a8f0f0a1 EAP-Message = 0xd1cda6aca8b22918938fe6927c608deed36d9c83d2a2fe7a447fa96706f468b00a266873f2e4bd96efc4dcc3b5c27106673de5525d87a99a1e00039f3082039b30820304a003020102020100300d06092a864886f70d0101040500308196310b300906035504061302555331123010060355040813094d696e6e65736f74613112301006035504071309526f63686573746572310f300d060355040a130653657465726131143012060355040b130b536574657261486f7573653111300f0603550403130853657465726143413125302306092a864886f70d01090116167365746572616a756e6b40636861727465722e6e6574301e170d3033303431 EAP-Message = 0x353031323331315a170d303830343133303132333131 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x8552c4636991b3488d5e021870005f564708f73f534b4886050e5fbe1d42c312a596aee2 Finished request 3 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 2 ID 108 with timestamp 3ff70847 Cleaning up request 3 ID 109 with timestamp 3ff70847 Nothing to do. Sleeping until we see a request. ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html