Problem:

No radius login possible after the Windows Update 22H2 on Windows 11

Solution:

Modify the configuration template:
/etc/univention/templates/files/etc/freeradius/3.0/mods-available/eap
and set

tls_min_version = "1.2"
tls_max_version = "1.2"

and then
ucr commit /etc/freeradius/3.0/mods-available/eap
and restart the service

or
edit directly /etc/freeradius/3.0/mods-available/eap
and restart the service. An ucr commit will overwrite the change.

Investigation:

This issue seems to be a combination of the freeradius version < v3.0.26 und v3.2.0 and TLS 1.3 which Windows 11 22H2 wants to use.

see also
https://support.microsoft.com/en-us/topic/windows-10-devices-can-t-connect-to-an-802-1x-environment-179ef277-e6ef-8ea3-cb0e-11a6b80fa955

German:
https://support.microsoft.com/de-de/topic/windows-10-geräte-können-sich-nicht-mit-einer-802-1-x-umgebung-verbinden-179ef277-e6ef-8ea3-cb0e-11a6b80fa955

https://forge.univention.org/bugzilla/show_bug.cgi?id=55247

This topic was automatically closed after 24 hours. New replies are no longer allowed.