I was working on having an Enterprise WiFi access point where my clients need to enter username and password (which are in OpenLDAP directory), using AES, TTLS PAP.
I setup my freeradius according to this tutorial: https://ttboa.wordpress.com/2014/09/26/freeradius-on-debian-7/
and everything worked perfectly when my clients use Android phone.
BUT the problem is: I tried for a couple of days trying to get WINDOWS to be able to connect to my Access point with no success.
We the clients try to connect from windows 10, they get a propt window to enter username and password WITH DOMAIN.
I tried with the client using my server domain, and without entering domain, with no success. It just doesn’t connect.
Here is freeradius log: http://pastebin.com/EKGzXDdm
the username in OpenLDAP is: “firstname.lastname@example.org”, it was just alice but I edited it just to try with domain.
the password of that user is “m”. and the password is md5 hashed in LDAP.
I am really confused and don’t know what to do to solve that, I google everywhere with no success, any help is really very appreciated.
OK finally after a couple of days of debugging and searching I got it!
If we check the log deltaily, we will find that there is something wrong with the ciphers, that word remembered me that a couple of days ago I edited the ciphers_list in eap.conf trying to solve another problem and I didn’t set them back, and now when I set them back to default, everything worked in both windows and android like a charm 🙂