Windows Vista doing PEAP

Alan DeKok aland at
Wed Oct 4 18:14:25 CEST 2006

"King, Michael" <MKing at> wrote:
> So we've been using FreeRADIUS talking to ActiveDirectory to
> authenticate our WinXP clients (Over 2000) for over a year now.
> Along comes Vista.  Of COURSE it doesn't work.  Microsoft changed
> something, and it broke a working config.  Arrg.


  You'll have to re-build & re-install the EAP module (you don't need
to touch the rest of the server).  It won't help, but it will print
out a little more information.  We'll probably have to do a few cycles
before it's tracked down, though.

> My (amatuer) analyis,  (Aka my gut) is that Vista is Doing something in
> TLS, not PEAP.  (I don't see my mschap module fire).

  The TLS tunnel is set up, BUT vista is doing something slightly
different that confuses FreeRADIUS, so FreeRADIUS doesn't continue the
EAP conversation.

  Alan DeKok.
--       - The web site of the book - The blog

More information about the Freeradius-Users mailing list