Anyone using a recent version of free-radius able to get authentication working? I’m using the default certificates and having trouble getting the pmp450 to authenticate.
Here is the error I’m getting from radius
Fri May 7 14:40:37 2021 : ERROR: (3) eap_ttls: TLS Alert write:fatal:protocol version
Fri May 7 14:40:37 2021 : Error: tls: TLS_accept: Error in error
Fri May 7 14:40:37 2021 : ERROR: (3) eap_ttls: Failed in FUNCTION (SSL_read): ssl/statem/statem_srvr.c[1686]:error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol
Fri May 7 14:40:37 2021 : ERROR: (3) eap_ttls: System call (I/O) error (-1)
Fri May 7 14:40:37 2021 : ERROR: (3) eap_ttls: TLS receive handshake failed during operation
Fri May 7 14:40:37 2021 : ERROR: (3) eap_ttls: [eaptls process] = fail
Fri May 7 14:40:37 2021 : ERROR: (3) eap: Failed continuing EAP TTLS (21) session. EAP sub-module failed
additionally, I’m seeing this
Fri May 7 14:21:01 2021 : Debug: (1) eap_ttls: TLS_accept: before SSL initialization
Fri May 7 14:21:01 2021 : Debug: (1) eap_ttls: <<< recv TLS 1.3 [length 0035]
Fri May 7 14:21:01 2021 : Debug: Ignoring cbtls_msg call with pseudo content type 256, version 0
Fri May 7 14:21:01 2021 : Debug: (1) eap_ttls: >>> send TLS 1.0 Alert [length 0002], fatal protocol_version
Fri May 7 14:21:01 2021 : ERROR: (1) eap_ttls: TLS Alert write:fatal:protocol version
Fri May 7 14:21:01 2021 : Error: tls: TLS_accept: Error in error
Fri May 7 14:21:01 2021 : ERROR: (1) eap_ttls: Failed in FUNCTION (SSL_read): ssl/statem/statem_srvr.c[1686]:error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol
How can I get the Cambium gear to use tls 1.3? Looks like it’s stuck on tls 1.0. is there a magic checkbox I’m missing somewhere?
Thanks for looking!