Hi,
I had to uncheck validate certificates on the client. I also had to uncheck use logon on username and password so it would ask me for the credentials. The server does not like when the client sends domain info. On the server side I had to change the users file so it doesn't include the Auth-Type as previously recommended. My Question is on my PC's Winows 7 and Windows XP clients. How do I get my user to work in a domain environment with PEAP and EAP-TLS so that I don't need to manually login with my client. This would be the preferred way for us to authenticate to the network. This is how we do it with our Windows 2003/2008 Servers.
bind your FreeRADIUS into the AD and use the NTLM and AD login stuff. the FreeRADIUS server is quite able to handle these - you just need to configure it to do so...if you dont, then yes, you cant login with your AD identity - we happily do this with the machine identity for our local people on our 802.1X wireless network (and wired network) alan