intel Proset/wireless -> OK // windows zero config wireless -> KO
normangoh at exemail.com.au
Mon Sep 7 14:59:49 CEST 2009
Based upon the provided information I would believe that this would be a
driver problem, but without knowing what you have tried, your actual Intel
Hardware and a proper wireless capture this is the best I can offer. To me
if the Intel and Thinkpad wireless apps work with your current setup and is
stable then the problem does not appear to be with Radius at all.
If you are using XP with Service Pack 2 then you need the following two
patches for WPA2 comms.
These two provide extra code for the WPA2 Enterprise authentication methods
you are using so that the Windows Zero config wireless can work properly.
Service Pack 3 for XP is supposed to have these two patches but I would add
them in anyway.
For Linux, again this is a driver/module issue and you need to ensure that
you have a couple of things running first before you attempt to connect to
the AP, modules such as the wpa_supplicant and wpa_supplicant-gui (if you
are using a desktop interface) are necessary, and the ieee80211 module if it
is required. It also depends on your Intel Hardware and Firmware code that
you have installed. I am assuming that you have Intel chipsets here and not
Atheros chipsets, there is a big difference.
This website will point you in the right direction even though the
information maybe out of date by a couple of years, it may highlight a bug
in your configuration files especially in linux.
You may already have tried the following suggestion work your way up from
the lowest security wireless comms to the highest, (Ad-Hoc with no key, WEP,
WPA-PSK, WPA-TKIP, WPA2-PSK, WPA2-TKIP, WPA2-EAP\TLS) to try an pin point
the issue and confirm that the wireless works, at least for the less secure
The XP Sp2 without the patches will work up until WPA-PSK but due to the
cryptography changes in WPA2 it wont work without the patches. The Intel
Proset and Thinkvantage tools would already have this extra code written in.
If you are running a FAT Cisco AP and not the LWAP version, you can
configure multiple profiles on the same gear so you can try the above
without messing up your working wireless comms. Else you have to do the
profiles in the WLAN controller software.
From: freeradius-users-bounces+normangoh=exemail.com.au at lists.freeradius.org
[mailto:freeradius-users-bounces+normangoh=exemail.com.au at lists.freeradius.o
rg] On Behalf Of Jaulin Bernard
Sent: Monday, 7 September 2009 1:48 AM
To: freeradius-users at lists.freeradius.org
Subject: intel Proset/wireless -> OK // windows zero config wireless -> KO
After many weeks with no results, Its time to find help !
Debian : 5.0
Freeradius : 3.0.4 (with openssl)
Samba : 3.2.5
AD : Windows 2008
PEAP & MSCHAPV2
Here is the problem.
We use MSCHAP V2 with PEAP for Windows and Linux Client, the problem is so
strange. On HP laptops with Intel Proset wireless or IBM Thinpad with
Thinkvantage tools the connection was successful.
The same laptop with Windows zero config wireless client or Linux (Fedora,
Debian) impossible !
No error on log debug, just an authentication silently failed.
Yes certificates have Windows OID client/server (xpestensions)
Any ideas ?
Thanks in advance for your answers
PS : No, I dont want to use MS Radius !!
Bernard Jaulin - ilem S.A.
* +41 (0)79 593 22 46
Route de la Galaise, 32
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users