[RADIATOR] Radiator / Radmin - EAP TLS certificates on Android phone

Imanol Fuidio imanol.fuidio at fon.com
Wed Jun 18 16:46:40 CDT 2014


Hi Heikki,

The same test repeated with Second Phase as none and the same problem.
As you have said, this should have nothing to do with EAP TLS.

I have repeated the test on an iphone with IOS7 configuring a TLS profile
with the CA in der format. The same problem.
The log is also in https://gist.github.com/ifdm001/57c03984282f33406aec

Thanks for the contribution,

Imanol


On Wed, Jun 18, 2014 at 10:05 PM, Heikki Vatiainen <hvn at open.com.au> wrote:

> On 06/18/2014 02:04 PM, Imanol Fuidio wrote:
>
> > The WiFi configuration is: EAP method TLS, Phase 2 PAP, User
> > certificate, Identiy user
>
> Phase 2 PAP looks odd. This would make sense with EAP-TTLS, but I am not
> sure what it could mean with EAP-TLS.
>
> > Wed Jun 18 11:49:35 2014: ERR: EAP TLS error: -1, 1, 8592, 0,  22411: 1
> > - error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
>
> Can you try with other settings for Phase 2, such as none, off or
> something else to turn off any Phase 2 authentication off. I'd say the
> above message might come from something that the client adds and appears
> as bad TLS record to the server.
>
> Thanks,
> Heikki
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
>



-- 

Imanol Fuidio Díaz-Maroto

Fon Labs
R&D Engineerimanol.fuidio at fon.com
skype: imanol.fon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20140618/405b83b8/attachment.html 


More information about the radiator mailing list