TTLS authentication slow
Allan Riordan Boll
s062417 at student.dtu.dk
Wed Nov 14 11:08:52 CET 2007
> - try PEAP with the built in windows EAP peer and then TTLS with the
> SecureW2, see if something changes;
>
> - in the standard config, both should work as soon as you add a user
> with a User-Password to your users file. in the beginning and for
> testing, don't use databases, maybe your server has difficulties
> connecting to it, or something.
>
> - if the server replies correctly with -X, then this is probably a user
> right issue.
>
> - to me it looks like some issue with the server certificate validity
> (mutual authentication). how did you configure SecureW2? does it verify
> the server certificate? does it ask the user if the certificate is
> unnknown? the best would be to add the signing CA to your trusted roots
> at the windows pc *before* any authentication tries. you should verify
> that the server certificate is correctly verified by the windows pc
> (simply download the server certficate in .der format and open it in the
> explorer. it should not say "untrusted").
>
> it would be *very* surprising if the communication were still as you
> described it. what authenticator do you use?
>
>
> artur
Hi Artur,
thank you very much for your constructive suggestions. I will try these
one of the following days and write back to the mailinglist with my results.
- Allan
More information about the Freeradius-Users
mailing list