Hi Phil,
Phil Mayers schrieb:
To be clear, all windows clients fail? But other clients succeed?
Exactly, Ubuntu can authenticate, all XP not.
It is possible a windows update has removed the intermediate
certificate from the client(s). IIRC Microsoft have done this in the
past, expecting the intermediate CA to be provided during TLS
negotiation. In this case, you need to have the correct CA (chain) at
the FreeRadius side. Have you got this configured correctly?
Yes, Server cert/key and Client cert/key origin from the same CA, which
is also present at the radius-server. At least that wasn't a problem
since 2 years, after I worked out how to use Radius with XP SP3.
It won't help running such an old version of FreeRadius.
Yes, but it was enough for us, since we don't need Vista and Win 7
support. I'am working currently on Debian Lenny to make the 2.10 coming
over lenny-backports work. But it's not easy and I don't know if it
fixes the problem. I think an MS security-update killed the radius
authentification.
Is anyone having a working auth with Freeradius und a fully patched XP
Pro SP3?
TIA
Alex
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html