EAP-TTLS not working on windows 11 for a wired usage
Marek Zarychta
zarychtam at plan-b.pwste.edu.pl
Fri Oct 14 15:29:09 UTC 2022
W dniu 13.10.2022 o 13:30, Alan DeKok pisze:
> Well, you can use TLS 1.3, but then you lose the benefits of session resumption.
Yes, TLS 1.3 for EAP is still new feature, worth testing, so we are testing.
> This looks like a decision made for "marketing" reasons. i.e. "We want people to use PEAP, so we'll make TTLS harder to use". In the end, all that does is annoy your customers.
>
Probably not, unfortunately, PEAP reveals the same behavior. Session
resumption has to be turned off when TLS 1.3 is negotiated by the
Windows supplicant, otherwise, Windows steps back. So far only
wpa_supplicant(8) can do {PEAP,TTLS}/MSCHAP2 against FreeRADIUS 3.2.1
with TLS 1.3 negotiated while session resumption is turned on.
--
Marek Zarychta
More information about the Freeradius-Users
mailing list