Hello Board,
trying Radius Authentication.
Seems I got TTLS/EAP all dialed in.
But then get de-railed by certificates.
Maybe someone here solved the issue of getting a CA error on Freeradius 2.x even after generating the certs as described in the User Manual as well as described here:
I have installed the new CA on the CPE under User Provisioned Root Cert1
EAP seems to establish just fine.
But then, FreeRadius throws me that error:
Tue Nov 27 21:13:03 2018 : Error: TLS Alert read:fatal:unknown CA
Tue Nov 27 21:13:03 2018 : Error: TLS_accept: failed in unknown state
Tue Nov 27 21:13:03 2018 : Error: rlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
Tue Nov 27 21:13:03 2018 : Error: SSL: SSL_read failed inside of TLS (-1), TLS session fails.
Tue Nov 27 21:13:03 2018 : Debug: TLS receive handshake failed during operation
Tue Nov 27 21:13:03 2018 : Info: [ttls] eaptls_process returned 4
Tue Nov 27 21:13:03 2018 : Info: [eap] Handler failed in EAP/ttls
Tue Nov 27 21:13:03 2018 : Info: [eap] Failed in EAP select
Tue Nov 27 21:13:03 2018 : Info: ++[eap] = invalid
Tue Nov 27 21:13:03 2018 : Info: +} # group EAP = invalid
We are running on Debian8.11 and FreeRadius 2.2.5
Anyone a idea or running Radius with the ePMP2000 ?
Thanks,
Heiko Rehm