Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FreeRADIUS cipher_list = "DEFAULT@SECLEVEL=0" (loco M2 client)

    Scheduled Pinned Locked Moved pfSense Packages
    3 Posts 3 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Raul RamosR
      Raul Ramos
      last edited by Raul Ramos

      Hi,

      For some reason I have to change cipher_list = "DEFAULT" in the eap file to cipher_list = "DEFAULT@SECLEVEL=0", otherwise a NanoStation loco M2 do not authenticate. Maybe is not advised but works. This is after upgrade from 23.05 to 23.09.

      Log on authentication faling (pfSense logs): Oct 6 17:52:07 radiusd 62113 (1) Login incorrect (eap_peap: (TLS) Alert write:fatal:internal error): [***/<via Auth-Type = eap>] (from client LocoM2 port 0 cli -----)

      This NanoStation loco M2 have the v6.3.11 (XM) version of the firmware, last at this date.

      Some thought's?

      Update@17:32: used certificate is to weak?!

      Best regards,
      RMR

      pfSense:
      ASRock -> Wolfdale1333-D667 (2GB TeamElite Ram)
      Marvell 88SA8040 Sata to CF(Sandisk 4GB) Controller
      NIC's: RTL8100E (Internal ) and IntelĀ® PRO/1000 PT Dual (Intel 82571GB)

      D 1 Reply Last reply Reply Quote 1
      • V vanwinkle.rip referenced this topic on
      • D
        daflores63 @Raul Ramos
        last edited by

        @Raul-Ramos same issue in pfsense CE 2.7.2

        1 Reply Last reply Reply Quote 2
        • TechSSHT
          TechSSH
          last edited by

          same situation for me

          1 Reply Last reply Reply Quote 0
          • jimpJ jimp moved this topic from Plus 23.09 Development Snapshots (Retired) on
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.