- try PEAP with the built in windows EAP peer and then TTLS with the
SecureW2, see if something changes;
- in the standard config, both should work as soon as you add a user
with a User-Password to your users file. in the beginning and for
testing, don't use databases, maybe your server has difficulties
connecting to it, or something.
- if the server replies correctly with -X, then this is probably a user
right issue.
- to me it looks like some issue with the server certificate validity
(mutual authentication). how did you configure SecureW2? does it verify
the server certificate? does it ask the user if the certificate is
unnknown? the best would be to add the signing CA to your trusted roots
at the windows pc *before* any authentication tries. you should verify
that the server certificate is correctly verified by the windows pc
(simply download the server certficate in .der format and open it in the
explorer. it should not say "untrusted").
it would be *very* surprising if the communication were still as you
described it. what authenticator do you use?
artur
Hi Artur,
thank you very much for your constructive suggestions. I will try these
one of the following days and write back to the mailinglist with my results.
- Allan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
