ArubaOS and Controllers

Reply
New Contributor

Unable to find a certificate to log on

We're setting up our first wireless network and are receive the following error when we try to connect:




Before starting down this path, we had a Server 2008R2 domain with no CA. I followed most of the directions on this Fat of the LAN page to configured an Enterprise CA. I diverged from those steps in two places. One was that the server I'm using is not a DC, it is just a domain-joined Server 2008R2 box. The other difference is that I did not add any attribute filters

When I test authentication from the controller (Diagnostics -> AAA Test Server -> select the server created above from drop-down -> enter my AD username and password), it succeeds and I see the audit success in the RADIUS server's Security event log. I was super excited, but when I tried to connect from an XP client (domain-joined), it failed with the error above and I don't see the failure in the Security event log on the RADIUS server.

I assume I'm missing something related to the certificate and AD, but I have no idea what it could be.

Thoughts? Thanks.

Guru Elite

Re: Unable to find a certificate to log on

On the Windows XP laptop, in the wireless setup, change the setting from "Smartcard" to "PEAP"


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor

Re: Unable to find a certificate to log on

Great, I was able to connect (I also had to tell it to not validate the certificate). When I try to connect from an XP or Windows 7 laptop that isn't on the domain, I get:




I'm not prompted for credentials. When I try from an iPad, it prompts for credentials and let's me right on.

Guru Elite

Re: Unable to find a certificate to log on

That is because the laptop that is on the domain uses the username/password of the user that logged into it. A user with a non-domain laptop logs into his laptop with an account that is NOT on the domain. You can uncheck "automatically use username/password" in the wireless config for that device to type in the username/password manually. You would of course have to uncheck "Validate Server Certificate" as well (not recommended).


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: