last hurdle...windows clients

tnt at kalik.net tnt at kalik.net
Sun Nov 23 14:46:16 CET 2008


>OK - that quiets the notification but I still can't figure out the issue
>where I can authenticate RRAS, Macintosh and iPod clients against radius
>via LDAP using mschapv2 but even with the certificates on Windows XP
>clients, with the 'xpextensions' they always try to authenticate as
>'uid=anonymous' and never ask me for name/password credentials to supply
>for authentication.
>
>Thus since my Default Auth Type = LDAP (in users), these clients always
>fail authentication.
>

Then there must be a setting in the supplicant that changes user name to
anonymous for the outer tunnel negotiation. If you upgrade to 2.1.1. you
can leave anonymous as it is and enable ldap only for inner-tunnel
virtual server (where true user name will be used).

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list