Ok, that's what I thought (about the root Certificate not being pleasing to XP). FYI: I'm using a version of Linux by Novell called SLES (SUSE Linux Enterprise Server) version 9 Service Pack 3 and the FreeRADIUS is from Novell's Web site (freeradius-1.0.2-0.i586.rpm, freeradius-devel-1.0.2-0.i586.rpm). I've done my Certificate work by using SLES' YaST, "Security and Users", "CA Management". I simply exported the root cert using this CA Management GUI. This worked great with Cisco's ADU configuration tool. If someone could give me the quickest and easiest way to creating a root certificate that's works with Windows XP, that would be great. I have another CA running on a Windows 2003 server, can I make use of this CA somehow? Thanks for any help. Marc
>>> [EMAIL PROTECTED] 4/25/2007 1:33:00 PM >>> hi, rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal access_denied TLS Alert read:fatal:access denied rlm_eap_peap: No data inside of the tunnel. rlm_eap: Handler failed in EAP/peap rlm_eap: Failed in EAP select okay. so thats the main issue. were your certificates generated with the XP extensions? how have you configured the native supplicant? it doesnt need much configuring.... just disable fast-connect, disable user guest account, use machine auth (if you're not doing machine) and click the MSCHPv2 stuff and deselect the 'use windows username/password' if you cannot use those. then its up to you to ensure the cert is in the store and you verify or dont verify your radius cert. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html