FreeRADIUS + 802.1x error

Started by brekler, November 09, 2012, 15:44

brekler

Good afternoon, I have the following problem.
Here on our network we use a FreeRADIUS server with LDAP to authenticate the wired network. It works perfectly.
For now we are using the hotspot service on the wireless network, which is also working, but we want to migrate to 802.1x.
The error that is happening is the following.

[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 179 to 172.23.54.2 port 32784
   EAP-Message = 0x010200061920
   Message-Authenticator = 0x00000000000000000000000000000000
   State = 0xa52ffbdea42de2a3ddda2e08b2ef9a8e
Finished request 17.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.23.54.2 port 32784, id=180, length=320
   User-Name = "1085"
   Calling-Station-Id = "00-1E-64-27-2F-52"
   NAS-IP-Address = 172.23.54.2
   NAS-Port = 1
   Called-Station-Id = "68-92-34-91-91-48:UNIFEBE-1X"
   Service-Type = Framed-User
   Framed-MTU = 1400
   NAS-Port-Type = Wireless-802.11
   NAS-Identifier = "68-92-34-91-91-48"
   Connect-Info = "CONNECT 802.11b/g"
   WISPr-Location-Name = "2o-Andar"
   EAP-Message = 0x0202006919800000005f160301005a010000560301509d3fc22ba4ec181253508b1a9031d084a6ab63dfc0f57196d85dccbddd6bb0000018002f00350005000ac013c014c009c00a003200380013000401000015ff01000100000a0006000400170018000b00020100
   State = 0xa52ffbdea42de2a3ddda2e08b2ef9a8e
   Vendor-25053-Attr-3 = 0x554e49464542452d3158
   Message-Authenticator = 0xb15471a260ff863b5df11a42d1b7ffaf
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "1085", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 2 length 105
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
  TLS Length 95
[peap] Length Included
[peap] eaptls_verify returned 11
[peap]     (other): before/accept initialization
[peap]     TLS_accept: before/accept initialization
[peap] <<< TLS 1.0 Handshake [length 005a], ClientHello 
[peap]     TLS_accept: SSLv3 read client hello A
[peap] >>> TLS 1.0 Handshake [length 0031], ServerHello 
[peap]     TLS_accept: SSLv3 write server hello A
[peap] >>> TLS 1.0 Handshake [length 02a8], Certificate 
[peap]     TLS_accept: SSLv3 write certificate A
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone 
[peap]     TLS_accept: SSLv3 write server done A
[peap]     TLS_accept: SSLv3 flush data
[peap]     TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode 
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 180 to 172.23.54.2 port 32784
   EAP-Message = 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
   EAP-Message = 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
   EAP-Message = 0xe16a72c80fb15970c51859f996942e88e6a675834788ab9aa5a57af1a335b4513acd5c39cf3b63151368dac86c6ad0ba965a52636b998d220534d3c913a6f2d64baa46a14d877a6f1a1afdedd7dcc9f990b0ba6b0181cc15abbcab5de4ae2adf002de566cac739b11c770b727a104b4359905dbbf0889cad18af0f31e5be5f28b6619edefff2edc1a5ea6683805b51d1cbeb05c250d23a402de0f4443f01d4a7ddc4bf4ea950151f42aee22dc1c9a81f18aa219499adff4095f9fb6dc2e44f89fe14c0e2f30007748bd4deba341982af01ed8d09dad9bbfcc0ceaa2f4b3d3d94add25259cba48886d837b49af75a8f16030100040e000000
   Message-Authenticator = 0x00000000000000000000000000000000
   State = 0xa52ffbdea72ce2a3ddda2e08b2ef9a8e
Finished request 18.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.23.54.2 port 32784, id=181, length=553
   User-Name = "1085"
   Calling-Station-Id = "00-1E-64-27-2F-52"
   NAS-IP-Address = 172.23.54.2
   NAS-Port = 1
   Called-Station-Id = "68-92-34-91-91-48:UNIFEBE-1X"
   Service-Type = Framed-User
   Framed-MTU = 1400
   NAS-Port-Type = Wireless-802.11
   NAS-Identifier = "68-92-34-91-91-48"
   Connect-Info = "CONNECT 802.11b/g"
   WISPr-Location-Name = "2o-Andar"
   EAP-Message = 0x020301501980000001461603010106100001020100406f5aabae4fb470053ee7cb8a80f8c8dc8f30040d4466009eca6d20f732623e0b4e1e9f8e9a675b81a68adbbdc8a9f05e460f841eea9234efbc9ae86e1c2d5f7de46b73718103e4d495253e86b9d945d1a97fc5ca13b14ca421b5b4f032f65567a027b202a18591d2bf3d5f05bc08dd2c7314c5d3291b55d255135cd1e08bdfb81e37e23bed31b6ef9bbc20face7f65b9679030f889cf3b7fcc3c5b442372b46b50744c8ae4d28bf1417b45900aed22e1f76d0f679bc83186008c10902140b38de9e40ac8b9074c4438479cfba8ecc58fb1c0eca7581fdfb2fc2221ca3cccfd3c379bd0415f0523
   EAP-Message = 0x469ea987e74a634ffd9f974fd85c4cf550cfc184882b10d31403010001011603010030c7823f5df8656cb4ecee2830f2dd532e33febb88329d8078398bcf9fc3729371e6acabeeee9022d11176d95facb50e26
   State = 0xa52ffbdea72ce2a3ddda2e08b2ef9a8e
   Vendor-25053-Attr-3 = 0x554e49464542452d3158
   Message-Authenticator = 0x6b79b9cd6b15dfedbf49ba57b7edcc45
# Executing section authorize from file /etc/freeradius/sites-enabled/default


Does anyone have any idea?
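
Added example (not part of brekler's post and not FreeRADIUS code): a small Python decoder for the EAP-Message values in the debug output above, showing which TLS handshake messages each PEAP packet carries and reassembling the value that RADIUS split across two attributes. The name decode_eap_tls and its output layout are assumptions made for this illustration.

```python
import struct

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
RECORDS = {20: "ChangeCipherSpec", 21: "Alert", 22: "Handshake", 23: "ApplicationData"}
HANDSHAKES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
              14: "ServerHelloDone", 16: "ClientKeyExchange"}
FLAGS = ((0x80, "length-included"), (0x40, "more-fragments"), (0x20, "start"))

# EAP-Message values copied from the log above: Access-Challenge id 179,
# Access-Request id=180 and Access-Request id=181 (two attributes, one packet).
START = "0x010200061920"
CLIENT_HELLO = "0x0202006919800000005f160301005a010000560301509d3fc22ba4ec181253508b1a9031d084a6ab63dfc0f57196d85dccbddd6bb0000018002f00350005000ac013c014c009c00a003200380013000401000015ff01000100000a0006000400170018000b00020100"
KEX = ("0x020301501980000001461603010106100001020100406f5aabae4fb470053ee7cb8a80f8c8dc8f30040d4466009eca6d20f732623e0b4e1e9f8e9a675b81a68adbbdc8a9f05e460f841eea9234efbc9ae86e1c2d5f7de46b73718103e4d495253e86b9d945d1a97fc5ca13b14ca421b5b4f032f65567a027b202a18591d2bf3d5f05bc08dd2c7314c5d3291b55d255135cd1e08bdfb81e37e23bed31b6ef9bbc20face7f65b9679030f889cf3b7fcc3c5b442372b46b50744c8ae4d28bf1417b45900aed22e1f76d0f679bc83186008c10902140b38de9e40ac8b9074c4438479cfba8ecc58fb1c0eca7581fdfb2fc2221ca3cccfd3c379bd0415f0523",
       "0x469ea987e74a634ffd9f974fd85c4cf550cfc184882b10d31403010001011603010030c7823f5df8656cb4ecee2830f2dd532e33febb88329d8078398bcf9fc3729371e6acabeeee9022d11176d95facb50e26")

def decode_eap_tls(*fragments):
    """Decode one EAP packet of a TLS-based method (EAP-TLS 13, PEAP 25) from the
    EAP-Message values of a single RADIUS packet, given as hex strings."""
    raw = b"".join(bytes.fromhex(f[2:] if f[:2] == "0x" else f) for f in fragments)
    if len(raw) < 6:
        raise ValueError("too short for an EAP request/response carrying a type")
    code, ident, length, eap_type, flags = struct.unpack("!BBHBB", raw[:6])
    if length != len(raw):  # catches a missing or truncated EAP-Message attribute
        raise ValueError(f"EAP header says {length} bytes, got {len(raw)}")
    body = raw[6:]
    info = {"code": EAP_CODES.get(code, code), "id": ident, "length": length,
            "type": eap_type, "flags": [n for bit, n in FLAGS if flags & bit],
            "tls_length": None, "records": []}
    if flags & 0x80:  # four-byte total TLS message length precedes the data
        info["tls_length"] = struct.unpack("!I", body[:4])[0]
        body = body[4:]
    encrypted = False  # records after ChangeCipherSpec cannot be read in clear
    while len(body) >= 5:
        ctype, _version, rlen = struct.unpack("!BHH", body[:5])
        payload, body = body[5:5 + rlen], body[5 + rlen:]
        name = RECORDS.get(ctype, f"type-{ctype}")
        if ctype == 22 and encrypted:
            name += ":encrypted"
        elif ctype == 22 and payload:  # names only the first message in the record
            name += ":" + HANDSHAKES.get(payload[0], f"msg-{payload[0]}")
        encrypted = encrypted or ctype == 20
        info["records"].append((name, rlen))
    return info

if __name__ == "__main__":
    for sample in ((START,), (CLIENT_HELLO,), KEX):
        print(decode_eap_tls(*sample))
```

For the id=181 request it reports ClientKeyExchange, ChangeCipherSpec and an encrypted handshake record, which is the last client message visible before the posted log ends.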