EAP-TTLS not working on windows 11 for a wired usage

Alan DeKok aland at deployingradius.com
Tue Oct 11 21:22:42 UTC 2022


On Oct 11, 2022, at 4:33 PM, Marek Zarychta <zarychtam at plan-b.pwste.edu.pl> wrote:
> Some of our eduroam users running Windows 11 are also encountering issues with EAP-TTLS and it looks like the reply from the server is missing too. We are investigating this.

  The server should always reply.

  What usually happens is that the Windows system doesn't like something about the servers reply, and then just stops doing EAP.

  You might try turning off session resumption.  I would normally recommend using it always, but we've had issues with it in Windows 11.

  i.e. the combination of Windows 11, TLS 1.3, TTLS, and session resumption makes Windows upset.  I don't really know more than that, as any information I have is just "Windows goes away".

> It is worth mentioning here that after six months of running FreeRADIUS 3.2.0 we noticed that so far only wpa_supplicant v2.10 is able to use TLS 1.3 in EAP-TTLS.

  I hope the TTLS issues in Windows 11 get fixed.  We've reported the issue to Microsoft, but they have corporate time frames to solve problems.

> Today the servers got updated to FreeRADIUS 3.2.1. Of course, it runs fine on FreeBSD too. Thank you!

  Good to hear.

  Alan DeKok.



More information about the Freeradius-Users mailing list