On 08/04/10 14:27, Stefan Winter wrote:
Hello,
I wonder if anyone else has come across this already... Google is not
very helpful here.
We're setting up a VPN Server (strongswan) with Windows 7 in IKEv2 mode.
The client side is supposed to authenticate with PEAP(*) to FreeRADIUS.
That works pretty well, but on the first PEAP connection to the server,
there's a big fat warning on the Win 7 UI: "You're connecting to a
server which is not a valid NPS Server for this domain. You are strongly
discouraged from continuing... bla..." If you click Connect, *everything
works*. Now I'm wondering what needs to be done to make that useless
warning go away... Maybe the FreeRADIUS server certificate needs yet
another Extended Key Usage or so? I didn't really find helpful
documentation.
Interesting.
I coded up PEAP/SoH support a while back, and IIRC Alan is dragging it
into the 2.2 version.
If you're curious you could try the code here:
git clone g...@git.freeradius.org:soh.git peap-soh
git checkout -b peap-soh origin/peap-soh
...see "eap.conf" for brief docs. I presume the warning will go away...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
