EAP/TLS DLINK DWL-2000AP+ Setup Problem XP Client

classic Classic list List threaded Threaded
2 messages Options
| Threaded
Open this post in threaded view
|

EAP/TLS DLINK DWL-2000AP+ Setup Problem XP Client

Ceyhun K�
Hi,

I've setup eap/tls with freeradius in my network.
I'm using certificates signed by a private CA.

Here is my problem:

When i check validate server certificate in client's connection
properties, radius an access challenge and nothing happens:

Sending Access-Challenge of id 3 to 192.168.145.13:1812
        EAP-Message =
0x010400350d800000002b14030100010116030100209e7c62b412a95e4583fd662183c3cfd5ff3aa01d4cf27de813dc6cc9b040fc78
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xf48deff8e489ad47d9acb4c64dc756f4

With box unchecked, everything seems to be ok in freeradius logs.
But just after Access-Accept packet, AP reboots and client connection dies.



Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 26
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake is finished
  eaptls_verify returned 3
  eaptls_process returned 3
  rlm_eap: Freeing handler
  modcall[authenticate]: module "eap" returns ok for request 26
modcall: group authenticate returns ok for request 26
Sending Access-Accept of id 10 to 192.168.145.13:1812
        MS-MPPE-Recv-Key =
0x7ace5e49f382cd4ad52cbef684f2380b2d9982659a2779ca55e3e7f243277363
        MS-MPPE-Send-Key =
0xa44f01b3c2487c7ac23853a6b1c9fb645f3cf9780ed791d772bf639eb8dc6f63
        EAP-Message = 0x03040004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "wireless-12"
Finished request 26


I'm confused, where to find error?
My AP HW, freeradius configuration, or certificate stuff.

Please guide me.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: EAP/TLS DLINK DWL-2000AP+ Setup Problem XP Client

Jan Luehr-10
Greetings,

Am Mittwoch, 17. August 2005 08:16 schrieb Ceyhun K�:

> Hi,
>
> I've setup eap/tls with freeradius in my network.
> I'm using certificates signed by a private CA.
>
> Here is my problem:
>
> When i check validate server certificate in client's connection
> properties, radius an access challenge and nothing happens:
>
> Sending Access-Challenge of id 3 to 192.168.145.13:1812
>         EAP-Message =
> 0x010400350d800000002b14030100010116030100209e7c62b412a95e4583fd662183c3cfd
>5ff3aa01d4cf27de813dc6cc9b040fc78 Message-Authenticator =
> 0x00000000000000000000000000000000 State =
> 0xf48deff8e489ad47d9acb4c64dc756f4
>
> With box unchecked, everything seems to be ok in freeradius logs.
> But just after Access-Accept packet, AP reboots and client connection dies.

If your AP actually reboots, it's probably an AP problem. Try upgrading
firmware.

Keep smiling
yanosz

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html