Yes, The client is windows XP SP3 and I copied the certificate from the server to the client,installed it and configurated to use mschapV2. For information I can authenticate these users above: yao and Rgc but the members of LDAP groups "radius-users" can not
#DEFAULT Auth-Type = ntlm_auth yao Cleartext-Password := "yao", MS-CHAP-Use-NTLM-Auth := 0 Reply-Message = "Felicitations vous venez de vous connecter au reseaux RGC", Tunnel-Type = 13, Tunnel-Medium-Type = 6, Tunnel-Private-Group-ID = 2 rgc Cleartext-Password := "rgc", MS-CHAP-Use-NTLM-Auth := 0 Reply-Message = "Felicitations vous venez de vous connecter au reseaux RGC", Tunnel-Type = 13, Tunnel-Medium-Type = 6, Tunnel-Private-Group-ID = 2 DEFAULT NAS-Port-Type == "Ethernet", Ldap-Group == "radius-users", Tunnel-Private-Group-Id == 2, Tunnel-Type == VLAN, Service-Type == Login-User, Tunnel-Medium-Type = IEEE-802, Fall-Through = no Thanks Yao Thierry Konou AMR SERVICES 11 Rue du Petit Châtelier CS90346 44303 NANTES CEDEX 3 Tel : 02 28 44 19 80 - Fax : 02 28 44 53 88 Site: http://www.amr-services.fr -----Message d'origine----- De : freeradius-users-bounces+ykonou=amr-services....@lists.freeradius.org [mailto:freeradius-users-bounces+ykonou=amr-services....@lists.freeradius.org] De la part de Alan Buxey Envoyé : mercredi 13 avril 2011 11:12 À : FreeRadius users mailing list Objet : Re: unable to authenticate freeradius+AD hi, looks like PC not properly responding.... have you got the RADIUS server CA on the client? (ie does the client know the CA and trust it?) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html