Refusing to start with libssl version OpenSSL 1.0.
Ah, yes, in a hurry to fix this I forgot that radiusd.conf won't be updated on upgrade, so you'll still need to add "allow_vulnerable_openssl = yes" to the "security" section manually. See also /etc/raddb/radiusd.conf.rpmnew after the upgrade.
编辑文件 /etc/raddb/radiusd.conf,将allow_vulnerable_openssl = no改为allow_vulnerable_openssl = yes。
1. recv[RADIUS]: No route to host
EAPOL: SUPP_BE entering state RECEIVE
recv[RADIUS]: No route to host
EAPOL: startWhen --> 0
STA 02:00:00:00:00:01: Resending RADIUS message (id=0)
Next RADIUS client retransmit in 6 seconds
recv[RADIUS]: No route to host
STA 02:00:00:00:00:01: Resending RADIUS message (id=0)
Next RADIUS client retransmit in 12 seconds
recv[RADIUS]: No route to host
Signal 2 received - terminating
EAPOL: EAP key not available
MPPE keys OK: 0 mismatch: 1
FAILURE
解决方法:在freeradius服务器上执行关闭防火墙
#service iptables stop
2. Ignoring EAP-Type/PEAP because we do not have OpenSSL support.
peap, tls,ttls不受freeradius支持
rlm_eap: No such sub-type for default EAP type peap
/usr/local/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
/usr/local/etc/raddb/sites-enabled/inner-tunnel[236]: Failed to load module "eap".
/usr/local/etc/raddb/sites-enabled/inner-tunnel[189]: Errors parsing authenticate section.
解决方法:安装openssl开发包openssl-devel