Windows mobile unable to authenticate [FreeRadius+Active directory]

Alan Buxey alan.buxey at gmail.com
Fri Jun 16 20:12:45 CEST 2017


does your RADIUS server cert have a CRLDP defined?

alan

On 16 June 2017 at 13:54, Alan DeKok <aland at deployingradius.com> wrote:
> On Jun 16, 2017, at 4:44 AM, Burn Zero <burnzerog at gmail.com> wrote:
>> We are using FreeRadius+Active directory setup in our environment to
>> authenticate users for the WIFI. The clients are authenticated using
>> server side cert + their Active directory credentials. This is working
>> properly except windows phone users.
>>
>> Users who own windows phone are unable to authenticate via Freeradius.
>> Below is the debug error log when they try to connect WIFI.
>
>   The message says that the client is choosing to stop authentication.
>
>   The problem is likely that the Windows phones are much more picky about the TLS certificate contents.  What does that mean?  I'm not sure... Microsoft doesn't document this, and the OS updates change the phone's behaviour.
>
>   Try using different certificates.  i.e. the ones created by the server when it's first installed.  You'll need to run tests to see which certificates are acceptable by the phones.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list