Freeradius TLS max version 1.3 broke EAP-TLS

jeekee · February 05, 2026, 07:20:50 PM

Hi guys,

Upgrade to 26.1 today and noticed my freeradius EAP-TLS was broken, got all kind of messages about fragmentation issues:

eap_tls: WARNING: (TLS) EAP Total received fragments (1266 bytes), exceeds total data length (1496 bytes)
• ... does not equal expected expected data length (0 bytes)

Fix is setting TLS max version to 1.2.

Is this a known issue, or did I do something wrong earlier and uncovered it after the update to 26.1

Thanks J

franco · February 05, 2026, 07:32:58 PM

No that's right that's why the max setting was added too. Unfortunately the default was bumped to TLSv1.3 which didn't work for that particular use case.

Cheers,
Franco

jeekee · Reply #2 - Re: Freeradius TLS max version 1.3 broke EAP-TLS

Aah explains it. Thanks for the reply!

Freeradius TLS max version 1.3 broke EAP-TLS

jeekee

February 05, 2026, 07:20:50 PM

franco

February 05, 2026, 07:32:58 PM #1

jeekee

Today at 11:35:54 AM #2