FreeRADIUS, 3com (4500) and Windows Vista.

Lech Karol Pawłaszek ike at kni.univ.szczecin.pl
Wed Jul 4 17:50:45 CEST 2007


Hello.

I have serious problem. At my company we use 802.1x authentication to 
access (wired) network. VLANs are dynamically assigned and users have 
the same privileges no matter in what location they're plugged in.

Except Vista...

We use 3com 4500 switches as NAS and FreeRADIUS 1.1.6 as RADIUS server. 
When non-vista user plugs in - one has to provide credentials and after 
a while - port on a switch is in authorized state.

When Vista user plugs in - one also has to provide credentials. And 
after a while - port on a switch is in authorized state. BUT "a baloon" 
which prompts user for credentials pops up again. And it can pop up like 
three/four times in a row for a minute or two until... the connection is 
lost. The port on the switch is put into unauthorized state. It's 
impossible to work at such conditions ;-) I know that user has to 
reauthenticate after a period of time but i thought it should be done in 
a background - like other systems do. I've tried to trick the system by 
using "remember credentials" checkbox, but after that system doesn't 
want to reauthenticate at all.

I'm kinda confused. I've attached two logfiles. One from the `freeradius 
-XX` stdout and one from the switch's console output.

I've used built-in 802.1x PEAP authentication and securew2 TTLS client. 
Both fails to keep the connection.

Thanks in advance,

-- 
Lech Karol Pawłaszek <ike>
"You will never see me fall from grace" [KoRn]
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: freeradius.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070704/30aa39c8/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: switch.log
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070704/30aa39c8/attachment-0001.ksh>


More information about the Freeradius-Users mailing list