Hi, I have a problem configuring wireless 802.1x authentication with FR and a Windows client. I use version FR 2.0.3 and think I configured everything quite well.
FR sends out the Access-Challenge but my windows client does not answer it. I recreated the default certificates to be sure that the nessesary OIDs (see xpentenstions) are included. But still no success. Any idea? Thanks. -- Config: modules { pap { auto_header = no } chap { authtype = CHAP } pam { pam_auth = radiusd } unix { radwtmp = ${logdir}/radwtmp } $INCLUDE eap.conf mschap { authtype=MS-CHAP use_mppe=yes require_encryption = yes require_strong = yes } $INCLUDE sites-enabled/ eap.conf: eap { default_eap_type = peap timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no md5 { } leap { } gtc { auth_type = PAP } tls { certdir=/usr/local/etc/raddb/certs cadir=/usr/local/etc/raddb/certs private_key_password = whatever private_key_file = ${certdir}/server.pem certificate_file = ${certdir}/server.pem CA_file = ${cadir}/ca.pem dh_file = ${certdir}/dh random_file = ${certdir}/random cipher_list = "DEFAULT" make_cert_command = "${certdir}/bootstrap" } ttls { default_eap_type = md5 copy_request_to_tunnel = no use_tunneled_reply = no virtual_server = "inner-tunnel" } peap { copy_request_to_tunnel = no use_tunneled_reply = no virtual_server = "inner-tunnel" } mschapv2 { } } sites-enabled/default.conf authorize { preprocess chap mschap suffix eap { ok = return } unix files expiration logintime pap } authenticate { Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschapv2 } unix eap } Thanks for any hint. Michael Schwartzkopff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html