Forgot to add the sniffing results earlier
Hi, I have strange behavior on my freeradius. I try to make it ask for client certificate as part of EAP-TTLS authentication. I added the configuration EAP-TLS-Require-Client-Cert = Yes to users configuration file as control for my username. And got the following LOG TLS_accept: SSLv3 write server done A [ttls] TLS_accept: SSLv3 flush data [ttls] TLS_accept: Need to read more data: SSLv3 read client certificate However, the sniffing shows no client certificate sending and there is no cert request sent by the server You can see it below Thanks for your help. Radius Protocol Code: Access-challenge (11) Packet identifier: 0x2 (2) Length: 1090 Authenticator: 30C0590D2DA3E4BBA06A60E9956D6441 Attribute Value Pairs AVP: l=255 t=EAP-Message(79) Segment[1] AVP: l=255 t=EAP-Message(79) Segment[2] AVP: l=255 t=EAP-Message(79) Segment[3] AVP: l=255 t=EAP-Message(79) Segment[4] AVP: l=14 t=EAP-Message(79) Last Segment[5] EAP fragment Extensible Authentication Protocol Code: Request (1) Id: 3 Length: 1024 Type: EAP-TTLS [RFC5281] (21) Flags(0xC0): Length More TTLS version 0 Length: 3578 [EAP-TLS Fragments (3578 bytes): #14(1014), #16(1014), #18(1014), #20(536)] Secure Socket Layer TLSv1 Record Layer: Handshake Protocol: Server Hello TLSv1 Record Layer: Handshake Protocol: Certificate TLSv1 Record Layer: Handshake Protocol: Server Key Exchange TLSv1 Record Layer: Handshake Protocol: Server Hello Done AVP: l=18 t=Message-Authenticator(80): 3B8DD2F0E3AE6A6C08BA6B8CC5A12D8B AVP: l=18 t=State(24): A97FDCBBAB7CC99E1A7630EF1EB500F8 State: A97FDCBBAB7CC99E1A7630EF1EB500F8
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html