[RADIATOR] SSL Error in PEAP conversation

Johnson, Neil M neil-johnson at uiowa.edu
Tue Sep 18 16:13:23 CDT 2012


Heikki,

It's my understanding that he is running the stock windows supplicant. I
will check.

The customer in question can connect most of the time, it's just that
every few hours he gets asked to re-enter his credentials, which coincides
with the TLS error messages.


Thanks.
-Neil

-- 
Neil Johnson
Network Engineer
The University of Iowa
Phone: 319 384-0938
Fax: 319 335-2951
Mobile: 319 540-2081
E-Mail: neil-johnson at uiowa.edu






On 9/18/12 1:47 PM, "Heikki Vatiainen" <hvn at open.com.au> wrote:

>On 09/17/2012 11:31 PM, Johnson, Neil M wrote:
>
>> Two more packet captures ....
>
>Thanks for the captures and Radiator log snippets. I noticed the Windows
>7 client advertises its support for elliptic curve cryptography cipher
>suites
>http://tools.ietf.org/html/rfc4492
>
>Is the PEAP client software user has the one that comes with Windows or
>maybe something else? The Windows 7 default client should work well with
>Radiator so I thought is this possibly some other client.
>
>The TLS negotiation continues in some of the pcaps with Radiator picking
>up TLS_RSA_WITH_AES_128_CBC_SHA and I see nothing peculiar there. It's
>hard to say why some tries end up with alerts.
>
>Thanks,
>Heikki
>
>-- 
>Heikki Vatiainen <hvn at open.com.au>
>
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>NetWare etc.



More information about the radiator mailing list