Hi, I'd say the client doesn't trust the radiator certificate and stops the EAP conversation.
Best regards, Alex On 2016-01-18 12:30, Christian Kratzer wrote: > Hi Sami, > > On Mon, 18 Jan 2016, Sami Keski-Kasari wrote: >> Hello Christian, >> >> Usually this kind of behaviour is due to MTU problems. >> There can be differences between different vendors for example how they >> do tunnelling and how it affects to MTUs etc. >> >> Please try to adjust maximum TLS fragment size to see if it helps. >> >> Please see more at page 92 >> 5.21.39 EAPTLS_MaxFragmentSize >> in ref.pdf. > yes we already have that set to 500. > > Just for understanding EAPTLS_MaxFragmentSize would only affect what radiator > sends. There is no way to limit the size of the fragements coming from the > ap. > > The trace4 logs stop exactly at the point radiator has completed sending of > it's certificate to the client. > > I would assume that I would at least see the first of the packets with the > client certificates. If not this could perhaps also be an issue with the > network dropping incoming udp fragments and the os never being able to > reassemble incomplete packets. I will have the customer check into that as > well. > > Greetings > Christian > > *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien Handelsgericht Wien, FN 79340b *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* Notice: This e-mail contains information that is confidential and may be privileged. If you are not the intended recipient, please notify the sender and then delete this e-mail immediately. *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
