Good day to everybody,
As you maybe know, latest package Freeradius2 1.6.15 that contains a Freeradius 2.2.6 daemon, has a trouble on EAP-TLS authentication.
Above all with latest Android 6.0 Marshmallow.
Some tech details are available here:
Someone known if it exists a workaround, perhaps editing some configuration files on freeradius, or also on Android with some apps, in order to avoid this issue ?
Thanks a lot in advance for your time and for any suggestion.
Just got Marshmallow OTA update myself and smacked into this same problem. EAP-TLS configuration that has been working fine for quite a while, now no longer works on upgraded Nexus 7.
Symptoms are that the device appears to negotiate authentication, FreeRADIUS logs indicate the device was authenticated, but the device never finishes joining the network, and just keeps repeating.
From the Google thread, the issue is tied to the use of TLSv1.2 and downgrading to TLSv1.1 or 1.0, the final keying is correct. But downgrading to broken encryption standards is not what I'd consider a workaround.
From other forum reading, it sounds like this is going to be a quickly growing problem as Marshmallow is currently being rolled out OTA to all Nexus devices and expected to hit OEM devices soon.
So really the only question then is how soon an updated release that contains a fix for this issue can be made available.