Windows mobile unable to authenticate [FreeRadius+Active directory]

Alan DeKok aland at deployingradius.com
Fri Jun 16 14:54:12 CEST 2017


On Jun 16, 2017, at 4:44 AM, Burn Zero <burnzerog at gmail.com> wrote:
> We are using FreeRadius+Active directory setup in our environment to
> authenticate users for the WIFI. The clients are authenticated using
> server side cert + their Active directory credentials. This is working
> properly except windows phone users.
> 
> Users who own windows phone are unable to authenticate via Freeradius.
> Below is the debug error log when they try to connect WIFI.

  The message says that the client is choosing to stop authentication.

  The problem is likely that the Windows phones are much more picky about the TLS certificate contents.  What does that mean?  I'm not sure... Microsoft doesn't document this, and the OS updates change the phone's behaviour.

  Try using different certificates.  i.e. the ones created by the server when it's first installed.  You'll need to run tests to see which certificates are acceptable by the phones.

  Alan DeKok.




More information about the Freeradius-Users mailing list