The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Paul Dekkers <paul.dekkers AT surf.nl>]

Hi,

Ah, that's very interesting, thanks.

What FreeRADIUS version is this? Could this be the TLS 1.3 setting also 
that is made default by this 22H2 update?

Does reinstalling the eduroam credentials work for these users?

If you want, I can also give you a test-account that does support TLS 
1.3 with a very recent FreeRADIUS version, just to compare/find out if 
this is the cause, or if it's really the Credential Guard interfering?

Regards,
Paul


On 06/10/2022 15:27, Daniel Dittrich (via cat-users Mailing List) wrote:
> Hi Paul,
>
> My particular office only sees BYOD users.
> Our Server uses freeradius3.
>
> Am 06.10.22 um 14:54 schrieb Paul Dekkers:
> > Hi Daniel,
> >
> > On 06/10/2022 14:30, Daniel Dittrich (via cat-users Mailing List) wrote:
> > > Hi,
> > >
> > > we are seeing the exact same thing with a number of our users 
> > > (uni-hildesheim.de).
> > > All other OS work fine, a recent update of Windows 11 seems to have 
> > > broken something.
> >
> > Just to check: are these indeed devices that are "BYOD", or are they 
> > part of an AD network?
> >
> > I see some claim that it mostly affects the use of AD credentials; 
> > I'd like to confirm.
> >
> > Also, it's still hard for me to reproduce; my client still accepts 
> > and stores the eduroam credentials it seems: despite it being 
> > PEAP-MSCHAPv2.
> >
> > What kind of RADIUS server software are you using? It could also be 
> > TLS 1.3 related, if you have an older FreeRADIUS server in particular.
> >
> > Regards,
> > Paul