PEAP or TTLS and Microsoft Vista.
Alan DeKok
aland at deployingradius.com
Wed Jul 23 08:55:27 CEST 2008
nf-vale wrote:
> I'm also suffering from this Vista "disease". But in my case I can
> authenticate users using PEAP, from XP SP2 and SP3 clients, even with
> "Validating Server Certificate" checked.
>
> The problem is only with Vista. I've all the windows updates available
> installed but I can't get it to work even with the "Validate Server
> Certificate" unchecked.
In short, Vista is broken. Again. It's a little hard to tell why
it's broken.
> The freeradius version that I'm using it's the 2.0.2, and I've tried
> both with the radius "test" certificates and other, and the behavior is
> exactly the same.
Other people have gotten Vista to work with that configuration. Maybe
it's an older version with different patches?
> The radius log always shows the following:
>...
> Sending Access-Challenge of id 93 to 192.168.100.199 port 1024
...
> Finished request 11.
> Going to the next request
> Waking up in 0.9 seconds.
> Waking up in 3.9 seconds.
> Cleaning up request 10 ID 92 with timestamp +1627
Which means that Vista has decided for it's own "magical" reasons to
stop talking to the RADIUS server.
> Is there anything that I'm missing?
Nope. Vista is broken. Microsoft does this in order to tell people
that it works "better" with IAS than with other RADIUS servers. They've
done this repeatedly with XP and with Vista.
Alan DeKok.
More information about the Freeradius-Users
mailing list