Skip to Content.
Sympa Menu

cat-users - [[cat-users]] Strange behaviour of WP 8.1

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

[[cat-users]] Strange behaviour of WP 8.1


Chronological Thread 
  • From: Tomasz Wolniewicz <twoln AT umk.pl>
  • To: cat-users AT lists.geant.org, eduroam AT lists.geant.org
  • Subject: [[cat-users]] Strange behaviour of WP 8.1
  • Date: Tue, 26 Jan 2016 09:13:43 +0100

Hi,
Sorry for cross-posting, but while Windows Phone subject popped up at
the cat-users list, it really has nothing to do with CAT as CAT does not
support Windows Phone. The problem I would is a general 801.x thing.

To start with, WP 8.1 allows only two username/password EAP methods -
PEAP or TTLS-MSCHAPv2.

I run several WP 8.1 tests against EAPlab using both FreeRADIUS and
Radiator and on our production eduroam network with FreeRADIUS and got
identical, rather surprising results. It turns out that when I set the
CA certificate in the client then PEAP works fine, but TTLS rejects
authentication with incorrect certificate error. Both methods work fine
with no CA set and both produce an identical warning about accepting the
server.

I have checked that there is no error in Radius, in both cases the same
server cert is sent, so it appears that the is a bad bug in the TTLS
implementation. It seems so bad that I find it hard to believe that it
is not my error, but testing this several times and in different
scenarios would seem to show that i may be right.

Could someone verify this please.

Tomasz


--
Tomasz Wolniewicz

twoln AT umk.pl
http://www.home.umk.pl/~twoln

Uczelniane Centrum Informatyczne Information&Communication Technology
Centre
Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University,
pl. Rapackiego 1, Torun pl. Rapackiego 1, Torun, Poland
tel: +48-56-611-2750 fax: +48-56-622-1850 tel kom.: +48-693-032-576




Archive powered by MHonArc 2.6.19.

Top of Page