Windows 8.1 Wi-Fi client handshake failure

Martin Rowe martin.p.rowe at gmail.com
Tue Oct 7 04:21:55 CEST 2014


Alan DeKok wrote:
>   The DEFAULT list of ciphers is old.  Your OpenSSL libraries may not
> include the new ciphers that Windows expects.
>   Try setting it to "ALL".  If that doesn't work, it's more difficult to
> say what's wrong.  Windows is "helpful" and doesn't produce reasonable
> error messages about what it expects.

Hadn't tried "ALL", but testing it now doesn't change the error. The
config line in the debug output did reflect "ALL" being set.

>   Does PEAP work?

I just added a couple of config lines to allow PEAP/MSCHAPv2. My
Android device was still able to negotiate a TLS connection, but the
Windows client stops with the same error (just [tls] swapped with
[peap], otherwise the lines are identical).

At least that eliminates the client certificate. I'll play around some
of the extensions on the server certificate.

Thanks

Marty


More information about the Freeradius-Users mailing list