Hi!
However Stefan, on this list, suggested me to user SecureW2 supplicant and all my problem is disappeared. See my post at the benginning of month.
While that's the best thing to do, there may be people forced to go with the built-in supplicant and that have to care about the ertificate extensions required by MSFT. For TLS, things are even a little worse than for TTLS, since also the client certificate needs to have an OID extension in place. There's a documentation on server and client OIDs on the FreeRADIUS website, see http://www.freeradius.org/doc/EAPTLS.pdf The OIDs are mentioned in chapter 10 (examples on cert generation earlier in the document); the server OID is the same for TTLS. Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473