PEAP with Machine auth

Francois Gaudreault fgaudreault at inverse.ca
Wed Oct 26 20:53:55 CEST 2011


Correct me if I am wrong, but that should not be needed when you are not 
validating server certificate.

That would mean windows is trying to validate server cert when doing 
machine auth even if the profile says otherwise??

On 11-10-26 2:36 PM, Bonald wrote:
> Client is Windows7 w/SP1. Using Cisco PEAP it's working. When using
> Microsoft PEAP it's failing for machine auth.
>
> I am on WLAN
> "netsh wlan show profile" just shows my SSID
>
> That fixed my problem. I needed to check the correct CA in the
> protected PEAP properties.
> http://www.letu.edu/it/faq/article/AA-00414/0/What-should-I-do-if-I-get-the-error-message-The-connection-attempt-could-not-be-completed-when-connecting-to-wireless.html
>
> thanks
>
> On Wed, Oct 26, 2011 at 1:59 PM, Phil Mayers<p.mayers at imperial.ac.uk>  wrote:
>> On 26/10/11 17:15, Phil Mayers wrote:
>>> On 26/10/11 14:24, Bonald wrote:
>>>> Yes i've read it.
>>>> Yes the certificate is trusted on the machine and the user store.
>>>>
>>>> It must be something else, using USER auth it's working. MACHINE auth
>>>> is failling.
>>> What is the client operating system and version, including service pack?
>>>
>>> Are you using the built-in operating system supplicant, or a 3rd-party
>>> supplicant?
>>>
>> Also, if you can (unicast, if you want) show the "netsh lan show profile"
>> output from a command prompt please?
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>


-- 
Francois Gaudreault, ing. jr
fgaudreault at inverse.ca  ::  +1.514.447.4918 (x130) ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org)




More information about the Freeradius-Users mailing list