Microsoft Windows XP network authentication fails with NMAS Radius

  • 3456047
  • 26-Feb-2007
  • 16-Mar-2012

Environment


Novell NMAS Radius
Microsoft Windows XP Professional
Microsoft Windows XP Home

Situation

RADIUS fails to authenticate a Microsoft Windows XP workstation when performing a network authentication.

Resolution

Network authentication is based on the 802.1x standard. However, the Novell NMAS Radius instance of the RADIUS protocols does not support the 802.1x standard. The two protocols that are handled by Novell's NMAS Radius are :
  • CHAP (Challenge Handshake Authentication Protocol)
  • PAP (Password Authentication Protocol)
As a result, any EAP-TLS, EAP-TTLS, EAP-MD5, EAP-LEAP, EAP-PEAP, and other EAP-based (802.1x) network authentication mechanisms will not be implemented with Novell's NMAS Radius.

However, please note that the use of an OES Linux or SUSE Linux platform with a properly configured FreeRADIUS service can authenticate systems that utilize the 802.1x standard using an eDirectory server and the Simple Password (also implemented under the Universal Password mechanism).

As a result, the only solution is to implement a separate software package (FreeRADIUS) on a SUSE or OES Linux platform.

Additional Information

Note, configurations that implement these types of network authentication mechanisms deal primarily with portable laptops or notebooks, e.g. Wireless AP authentication, or publicly accessible docking stations.