[RADIATOR] SSL Error in PEAP conversation
Johnson, Neil M
neil-johnson at uiowa.edu
Fri Sep 21 10:32:42 CDT 2012
Heikki,
It's looking more and more like a client issue. We gave the user a
different Wireless NIC and they have had no issues.
We are trying to determine if it's a client and wireless vendor issue or
just the client.
Thanks for your assistance.
-Neil
--
Neil Johnson
Network Engineer
The University of Iowa
Phone: 319 384-0938
Fax: 319 335-2951
Mobile: 319 540-2081
E-Mail: neil-johnson at uiowa.edu
On 9/18/12 4:13 PM, "Johnson, Neil M" <neil-johnson at uiowa.edu> wrote:
>
>Heikki,
>
>It's my understanding that he is running the stock windows supplicant. I
>will check.
>
>The customer in question can connect most of the time, it's just that
>every few hours he gets asked to re-enter his credentials, which coincides
>with the TLS error messages.
>
>
>Thanks.
>-Neil
>
>--
>Neil Johnson
>Network Engineer
>The University of Iowa
>Phone: 319 384-0938
>Fax: 319 335-2951
>Mobile: 319 540-2081
>E-Mail: neil-johnson at uiowa.edu
>
>
>
>
>
>
>On 9/18/12 1:47 PM, "Heikki Vatiainen" <hvn at open.com.au> wrote:
>
>>On 09/17/2012 11:31 PM, Johnson, Neil M wrote:
>>
>>> Two more packet captures ....
>>
>>Thanks for the captures and Radiator log snippets. I noticed the Windows
>>7 client advertises its support for elliptic curve cryptography cipher
>>suites
>>http://tools.ietf.org/html/rfc4492
>>
>>Is the PEAP client software user has the one that comes with Windows or
>>maybe something else? The Windows 7 default client should work well with
>>Radiator so I thought is this possibly some other client.
>>
>>The TLS negotiation continues in some of the pcaps with Radiator picking
>>up TLS_RSA_WITH_AES_128_CBC_SHA and I see nothing peculiar there. It's
>>hard to say why some tries end up with alerts.
>>
>>Thanks,
>>Heikki
>>
>>--
>>Heikki Vatiainen <hvn at open.com.au>
>>
>>Radiator: the most portable, flexible and configurable RADIUS server
>>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>>TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>>NetWare etc.
>
>_______________________________________________
>radiator mailing list
>radiator at open.com.au
>http://www.open.com.au/mailman/listinfo/radiator
More information about the radiator
mailing list