Bruno de Paula Larini wrote:
I'm trying to use FreeRADIUS 2.2.0 on Fedora 19 to authenticate Wi-Fi clients (Windows 7) against a MS Active Directory domain (Windows Server 2008 R2). The access point is a MikroTik RouterOS v5.11. I've already joined the FreeRADIUS machine into my AD domain and both 'wbinfo -a' and 'ntlm_auth' can successfully authenticate domain users. Then, I've followed the instructions on the Wiki for FreeRADIUS 2.x and set up the server accordingly.
That all seems fine.
However, 'radiusd -X' tells that the Windows clients didn't reply the request and there's a url to the Wiki, explaining why it couldn't finish. The root and the client (self-signed) certificates are already installed on a test client, and I think I've created them following the recommended way (as told in README file on raddb/certs). I've checked the comments on raddb/eap.conf, but I'm not sure what to do next.
Is there some way to make the Windows clients trust the request?
http://deployingradius.com/ Read the 4-step HOWTO on the bottom of the page. It details a step-by-step process to getting EAP to work on Windows machines. It WILL work. If the Windows box just stops the EAP session... the content on the Wiki page describes what to do. There really isn't anything else which can fix the problem. Alan DeKok.