Windows cannot connect to Enterprise WPA2 WiFi access point with EAP-TTLS PAP authentication using freeradius


Problem :

I was working on having an Enterprise WiFi access point where my clients need to enter username and password (which are in OpenLDAP directory), using AES, TTLS PAP.

I setup my freeradius according to this tutorial:

and everything worked perfectly when my clients use Android phone.

BUT the problem is: I tried for a couple of days trying to get WINDOWS to be able to connect to my Access point with no success.
When the clients try to connect from Windows 10, they get a prompt window to enter username and password WITH DOMAIN.
I tried with the client using my server domain, and without entering domain, with no success. It just doesn’t connect.

Here is freeradius log:

the username in OpenLDAP is: “”, it was just alice but I edited it just to try with domain.
The password of that user is “m”, and the password is MD5-hashed in LDAP.

I am really confused and don’t know what to do to solve that. I googled everywhere with no success; any help is really very appreciated.

Solution :

OK finally after a couple of days of debugging and searching I got it!

If we check the log in detail, we will find that there is something wrong with the ciphers. That word reminded me that a couple of days ago I edited the ciphers_list in eap.conf trying to solve another problem and I didn’t set them back, and now when I set them back to default, everything worked in both Windows and Android like a charm 🙂
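One way to spot a leftover cipher override like the one described in the solution (an added example, not code from the original post): the script walks an eap.conf-style file, reports every active cipher setting with its section, and asks the local OpenSSL how many TLS 1.2-and-below suites that string actually enables. It assumes the option is spelled `cipher_list` and ships as `"DEFAULT"`; the sample config and the function names are constructed for illustration.

```python
import re
import ssl

# Constructed eap.conf fragment for illustration (not the poster's file).
SAMPLE_EAP_CONF = '''
eap {
    default_eap_type = ttls
    tls {
        # cipher_list = "DEFAULT"
        cipher_list = "AES256-SHA"
    }
}
'''
STOCK_VALUE = "DEFAULT"  # assumption: the value in the stock configuration

def find_cipher_lists(text):
    """Return [(section_path, value)] for each active cipher_list line."""
    path, found = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        opener = re.match(r"^([\w.-]+)(?:\s+[\w.-]+)?\s*\{$", line)
        setting = re.match(r'^cipher_list\s*=\s*"?([^"]*)"?$', line)
        if opener:
            path.append(opener.group(1))
        elif line == "}" and path:
            path.pop()
        elif setting:
            found.append((".".join(path), setting.group(1).strip()))
    return found

def expand(cipher_string):
    """TLS <= 1.2 suites the local OpenSSL enables for this string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError:  # the string selects no suite at all
        return []
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]

def audit(text):
    """Flag every cipher_list that differs from the stock value."""
    return [{"section": s, "value": v, "is_default": v == STOCK_VALUE,
             "suites": expand(v)} for s, v in find_cipher_lists(text)]

if __name__ == "__main__":
    for row in audit(SAMPLE_EAP_CONF):
        state = "stock" if row["is_default"] else "OVERRIDDEN"
        print(f'{row["section"]}: {row["value"]!r} is {state}, '
              f'{len(row["suites"])} suite(s) enabled')
```

A very small suite count next to an overridden value is the thing to look for: the TLS handshake only completes if the client offers at least one of those suites, so one supplicant can connect while another fails.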
