Hello. I need your help. For the last few days I try to authenticate and authorize Microsoft Vista operating system against FreeRADIUS and 3com switch (as NAS) for wired authentication with no luck.
I'm using FreeRADIUS 2.0.5 from sources built on Debian Etch GNU/Linux and certs made by bootstrap command (so those certs should have a bit of magic from xpextensions afaik). I try to make little steps and change as less as possible - to be honest I've only added user to the users file and client definition to the clients.conf file. I've tested my configuration with eapol_test command (as suggested at this site[1]) and it works fine. I've tested it against MacOsX 10.4 and MacOsX 10.5 and it works fine. I even tested it against Windows XP SP2 and it works fine. It doesn't work with Windows Vista and Windows XP SP3. Please help! What I have spotted is that the server sends "Access Challenge" and then on OSX dialog pops up where I can accept server's certificate and on Windows it's over. So I think it's the issue mentioned on this site[2] however i DO have Validate Server Certificate un-checked. One more thing. If I won't use Windows' PEAP authorization and install securew2 and use securew2's auth - I am able to connect. Work for a minute or so and then NAS reports lost carrier and the connection is lost. I've written about this issue about a year ago however this was put on-hold. You might want to look at logfiles from that tests. [1] - http://deployingradius.com/scripts/eapol_test/ [2] - http://deployingradius.com/documents/configuration/eap-problems.html [3] - http://lists.freeradius.org/pipermail/freeradius-users/2007-July/msg00096.html Any hints and tips much appreciated. I'm attaching two logfiles. The first one - freeradius.log - is the one where I'm trying to authenticate using system-wide PEAP. The second one, namely freeradius-securew2.log, is the one where switch receives Access-Accept and a few moments later switch sends back information that the carrier is lost.I've compressed both logfiles. I hope it's ok here. If it's not - please let me know.
Thanks in advance. -- Lech Karol Pawłaszek <ike> "You will never see me fall from grace." [KoRn]
freeradius.log.gz
Description: GNU Zip compressed data
freeradius-securew2.log.gz
Description: GNU Zip compressed data
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
