Windows 7 prompting several times

Matthew Newton mcn4 at leicester.ac.uk
Tue Mar 6 15:33:53 CET 2012


On Tue, Mar 06, 2012 at 02:22:04PM +0000, Morris, Andi wrote:
> Dave, I am running Cisco switches with dot1x timeouts, I wonder
> whether this could be causing the issue.  I'll do some testing.

Turn off "Excessive 802.1X Authentication Failures" if you've got
such a thing and it's enabled. We had it on, and if the first
login had a bad password, the user would be locked out until they
waited a minute or so to drop out of the client exclusion table.

It's supposed to be three bad login attempts, but watching the
client debug logs showed it tripping after just one due to the
number of challenges/responses etc - I forget the exact details
now. Maybe Windows did automatically retry a couple of times,
which tripped it up.

(This is Cisco wireless LAN controllers - switches may be
similar.)

We still see it with this off (see in other e-mail) but much less
often.

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Architect (UNIX and Networks), Network Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list