06-24-2012, 12:12 AM
| || |
Join Date: Jun 2012
| | Problem with EAP-FAST in phase 1
I am using eap-fast and I am not able to obtain the PAC file from server.
I can see the following protocols exchanged between client and server.
1. server -> client : (Proto EAP) Request, Identity
2. client -> server : (Proto EAP) Response, Identity
3. server -> client : (Proto EAP) Request. EEAP-TLS
4. client -> server : (Proto EAP) Response, Legacy Nak (Response only)
5. server -> client : (Proto TLSv1) Ignored Unknown Record (EAP Type: EAP-FAST)
6. client -> server : (Proto TLSv1) Client Hello (with empty session ID)
7. server -> client : (Proto TLSv1) Server Hello, Server Key Exchange, Server Hello Done
After this step, I see a "Request, Identity" from server again and the whole thing repeats. Once in multiple attempts, I see the following
8. client -> server : (Proto TLSv1) Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message.
But it starts all over again. I don't understand why this behavior? I suspect that the server times out, but I am not sure.
Has anyone came across this problem before or if anyone knows the reason and fix for this behavior, please share with me.