Windows Phone 10 support TTLS-PAP?

Toggle sidebar Toggle sidebar
I don't' really know, but it seems work with EDUROAM and it uses ttls-pap from what I know, so I guess it does.
 
Because in my university (from Spain) they use TTLS config with PAP without a certificate, so I need the option to select PAP authentification also and not only the TTLS parametre. Sorry for my Enlish expression...thank you
 
I have not found a way to connect to eduroam (nor to the local university network with TTLS/PAP, for that matter) yet and the data center here says that it is not supported. It would be great if they were wrong about that, but most of what I have read thus far seems to support their statement and the few suggestions otherwise (mostly some certificate stuff) did not work for me.
 
I have no trouble with EDUROAM here, at all the campus and universities that I visited the last couple of months, I am be able to connect to EDUROAM without issues.
And to connect to eduroam , just click the eduroam network when you're at campus, then it will open up for login info, enter the login info normally same as your school email and password. Then click never on the certificate check thing. Click connect. It should work. After the first time configuring at your own school, you should be able to 'roam' between 'edu's.
 
Last edited:
Yes, but on my wp 8.1 doesn't work in my own university. For these reason I was asking if it works with wp 10.
In my university I have to put these options: User and pass, select TTLS and authentification phase 2: PAP and it doesn't work with wp 8.1, i will try with wp 10 when it will be release.
 
Alexander: And you are sure that your institution uses TTLS/PAP for authentication? The process you describe sounds more like PEAP MS-CHAP v2 as you cannot choose 'never' for the certificate-check on TTLS/PAP. As far as I know it depends on your institution which of the two (or possibly even more) authentication methods they use.
 
My university don't use the certificate and yes they use TTLS/PAP. These are the options for the wifi:
?SSID: eduroam (en min?sculas)
?seguridad: 802.1x
?m?todo EAP: TTLS (Tunneled TLS)
?autenticaci?n interna o de fase 2 (inner Authentication): PAP
 
xbrtll said:
Alexander: And you are sure that your institution uses TTLS/PAP for authentication? The process you describe sounds more like PEAP MS-CHAP v2 as you cannot choose 'never' for the certificate-check on TTLS/PAP. As far as I know it depends on your institution which of the two (or possibly even more) authentication methods they use.
Click to expand...
You were right my school switched to peap ms-chap v2, it was TTLS-EAP yrs ago when I was undergrad there and try to configure on my Nokia N95. but I guess they switched sometime after that. But I thought back in 8.1 v1 should support TTLS-EAP
Wait second are you it is TTLS-PAP not TTLS-EAP? Because eduroam has to be 802.1x EAP
 
Last edited:
Alexander Long said:
Wait second are you it is TTLS-PAP not TTLS-EAP? Because eduroam has to be 802.1x EAP
Click to expand...
I don't think TTLS-EAP ist a thing. Full version is EAP-TTLS/PAP, i.e. EAP-TTLS to authenticate to the network and then PAP to authenticate the user (if I recall that correctly). The problem lies in the PAP-part: I can enter my data, then windows asks me to accept the server certificate (i.e. the EAP-TTLS part seems to work) and after that it tells me the connection is not possible.

Alexander Long said:
And from what I read from here, it dose support EAP-TTLS (PAP) .
Click to expand...
Thanks, it's interesting that they mention PAP in the table but not in the explanation how to configure it later. I'll look into that and give it another try on monday.
 
I did a little more search on this topic, looks like since back couples yrs ago, almost all mobile device has issues with TTLS-PAP (including iPhones blackberry, and I do remember I can't connect with Android for long time until one day it magically connected too) therefore all universities in Canada switched to more common PEAP MSChapv2 for both eduroam and their own secure network, some even just ditch their own, only have the unsecured one with eduroam replacing the secure one.
 
xbrtll said:
I don't think TTLS-EAP ist a thing. Full version is EAP-TTLS/PAP, i.e. EAP-TTLS to authenticate to the network and then PAP to authenticate the user (if I recall that correctly). The problem lies in the PAP-part: I can enter my data, then windows asks me to accept the server certificate (i.e. the EAP-TTLS part seems to work) and after that it tells me the connection is not possible.

Thanks, it's interesting that they mention PAP in the table but not in the explanation how to configure it later. I'll look into that and give it another try on monday.
Click to expand...

Hi, I am really cautious on this topic these days, since I also read some old pages from my school ITS support site, it did mention some thing like below:
"The recommended authentication protocols to use (EAP-PEAP with MS-CHAPv2) are given above, there are many other available combinations:
◾EAP-TTLS with CHAP, MS-CHAP and MS-CHAPv2 work and are also supported
◾EAP-TTLS with PAP is supported but strongly advised against (if used, the server must be authenticated by name and the certificate validated) as it may reveal your Network Access Token to third party sites
◾EAP-LEAP is not supported and will not work
◾EAP-FAST is not supported and will not work "
So if you don't mind , may I ask which Institute you are attending? And maybe the ITS support page link for eduroam?
 
Unfortunately the support pages are only in German, but I'll you a link anyway.

Alexander Long said:
EAP-TTLS with PAP is supported but strongly advised against (if used, the server must be authenticated by name and the certificate validated) as it may reveal your Network Access Token to third party sites
Click to expand...
My knowledge on the technical details is pretty limited, so I don't know if "may" means that it happens in practice and whether or not this would be a problem from a security or privacy point of view.

As my univerity provides a third WLAN I can use, the (maybe) missing TTLS/PAP-support is not that big of a problem to me, but it would be easier as I do not have to start VPN manually each time I connect to it. Or is this something my phone could do automatically?
 
Sorry for not responding sonnet, I was away from campus for holiday until now. So today is did be able to connect my campus eduroam through TTLS too.
So click the table of EAP method, then you can chang eat from MS Chapv2 to TTLS. See if that would work with your university.
 

Attachments

  • Fantasia Painting.jpg
    Fantasia Painting.jpg
    118.8 KB · Views: 4
No, it does not. I can enter my username and password and am asked to accept the certificate. Then I'm told that authentication was not possible (I think that's due to the lack of PAP-support) and can reenter username and password once more before I get the message that the attempt to connect to eduroam has failed. See also attached screenshots.
 

Attachments

  • wp_ss_20160108_0002.jpg
    wp_ss_20160108_0002.jpg
    58.8 KB · Views: 3
  • wp_ss_20160108_0003.jpg
    wp_ss_20160108_0003.jpg
    71.4 KB · Views: 3
  • wp_ss_20160108_0004.jpg
    wp_ss_20160108_0004.jpg
    59.1 KB · Views: 3
  • wp_ss_20160108_0005.jpg
    wp_ss_20160108_0005.jpg
    39.9 KB · Views: 3
You all have to understand that the authentication method is determined by your eduroam account PROVIDER, and NOT the location you are trying to use it. So if your home institute uses a method not possible to enable on your phone, it doesn't matter where you are, it is not going to work. Whereas if your home institute uses an other method it is going to work. I have the same issue: the institute supports EAP-TTLS / PAP, and while win 10 supports it, there is no way to enable it in W10M! :( You can push this setting using mobilde device management (which I / we don't have) but you cannot enable it. To repeat: the system supports it, you just cannot tell said system to use this specific method because nobody at Microsoft bothered to add a checkbox to the GUI since _YEARS_.

Since then, the institute had started supporting MS-CHAPv2, which again, does not work on my phone for some odd reason. Same error message all the time.
 
neither of my windows phone 8.1 nor windows 10 mobile do work on our eduroam network. android does. iPhone does. so, just TTLS/PAP/certificate. end of story.
 
You must log in or register to reply here.

Similar threads

Windows Central
Microsoft confirms limited Microsoft 365 app support on Windows 10 after October 2025
Replies
0
Views
225
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central
Windows Central
Windows 10 Mobile’s app store bites the dust, half a decade after support ended
Replies
0
Views
216
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central
Windows Central
Worried about the end of Windows 10 support? This OLED laptop is nearly half price at $499.
Replies
0
Views
209
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central
Windows Central
Microsoft addresses the 'elephant in the room,' discusses upcoming end of Windows 10 support
Replies
0
Views
384
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central
Windows Central
Windows 10 for PCs is not the only version of Windows to reach end of support this year
Replies
0
Views
487
Windows Central News Feed: Comments & Discussion
Windows Central
Windows Central

Latest posts

Trending Posts

Members online

Total: 3,302 (members: 2, guests: 3,300)

Forum statistics

Threads
339,229
Messages
2,262,255
Members
428,753
Latest member
DavidAGarcia

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom