[RADIATOR] SSL Error in PEAP conversation

Johnson, Neil M neil-johnson at uiowa.edu
Fri Sep 21 10:32:42 CDT 2012


It's looking more and more like a client issue. We gave the user a
different Wireless NIC and they have had no issues.

We are trying to determine if it's a client and wireless vendor issue or
just the client.

Thanks for your assistance.


Neil Johnson
Network Engineer
The University of Iowa
Phone: 319 384-0938
Fax: 319 335-2951
Mobile: 319 540-2081
E-Mail: neil-johnson at uiowa.edu

On 9/18/12 4:13 PM, "Johnson, Neil M" <neil-johnson at uiowa.edu> wrote:

>It's my understanding that he is running the stock windows supplicant. I
>will check.
>The customer in question can connect most of the time, it's just that
>every few hours he gets asked to re-enter his credentials, which coincides
>with the TLS error messages.
>Neil Johnson
>Network Engineer
>The University of Iowa
>Phone: 319 384-0938
>Fax: 319 335-2951
>Mobile: 319 540-2081
>E-Mail: neil-johnson at uiowa.edu
>On 9/18/12 1:47 PM, "Heikki Vatiainen" <hvn at open.com.au> wrote:
>>On 09/17/2012 11:31 PM, Johnson, Neil M wrote:
>>> Two more packet captures ....
>>Thanks for the captures and Radiator log snippets. I noticed the Windows
>>7 client advertises its support for elliptic curve cryptography cipher
>>Is the PEAP client software user has the one that comes with Windows or
>>maybe something else? The Windows 7 default client should work well with
>>Radiator so I thought is this possibly some other client.
>>The TLS negotiation continues in some of the pcaps with Radiator picking
>>up TLS_RSA_WITH_AES_128_CBC_SHA and I see nothing peculiar there. It's
>>hard to say why some tries end up with alerts.
>>Heikki Vatiainen <hvn at open.com.au>
>>Radiator: the most portable, flexible and configurable RADIUS server
>>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>>TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>>NetWare etc.
>radiator mailing list
>radiator at open.com.au

More information about the radiator mailing list