Security

last person joined: 2 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Fail to use Windows 8 Login to auto connect to 802.1x ssid

  • 1.  Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 29, 2015 11:39 AM

    We currently setup 802.1x ssid using Clearpass as Radius server. Our client use Windows 8 that joined to domain and want to use Windows Login username and password to authentiacate to the ssid but failed to achieve that. If manually key in the username and password successful connected. We configure the GPO to push the wireless setting to the device but still cannot work. From the access tracker the error code is 215.Can someone help me.Enclosed are the screenshot of GPO setting and the error details. Thanks

     

     



  • 2.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 29, 2015 11:41 AM
    Are you pushing down the root CA if it's private? 


    Thanks, 
    Tim


  • 3.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 29, 2015 05:47 PM
    Hi Tim,

    Currently no. The root CA is from clearpass or from AD? How can i get that?Thanks.

    Regards,
    Amir


  • 4.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 29, 2015 05:49 PM

    Are you only doing 802.1X for AD-joined machines or is it used for other devices as well?



  • 5.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 29, 2015 05:53 PM
    Only for join AD machine.

    Regards,
    Amir


  • 6.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 29, 2015 06:03 PM
    OK, then you'll want to download the RADIUS server certificate from
    Administration > Certificates > Server Certificate > RADIUS and then push it
    down to the clients via Group Policy as well as configured your 802.1X
    policy to check that certificate.


  • 7.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 29, 2015 06:25 PM
    Ok thanks. I will try on this and will update back later.

    Regards,
    Amir


  • 8.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 30, 2015 09:25 PM

    i installed the cert in the trusted root certification authorities. But inside the gpo security setting, that cert not appear in the cert list.



  • 9.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 30, 2015 09:27 PM
    Did you install the certificate on the machine you're running the GPO
    editor?


  • 10.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 30, 2015 09:39 PM

    yes installed and still not appear in the list



  • 11.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 30, 2015 09:40 PM

    Did you install it to the user store or the computer store?

     

    Did you completely close out of the GPO editor after installing the cert and then re-open?



  • 12.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 30, 2015 09:49 PM

    i've installed in computer store and close the gpo editor.still same



  • 13.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 30, 2015 10:07 PM

    you need to import it into the 'Trusted Root Authorities' tab.  https://technet.microsoft.com/en-us/library/cc772491.aspx

     

     

     



  • 14.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Sep 30, 2015 10:12 PM

    yes i've already import to that trusted root authorities.



  • 15.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Oct 01, 2015 04:09 AM

    You should proably open a case with Microsoft TAC, then.



  • 16.  RE: Fail to use Windows 8 Login to auto connect to 802.1x ssid

    Posted Oct 01, 2015 06:34 AM

    Issue solved. I manually insert the cert inside the internet option rather than double click that cert than install from there. I can found the server cert inside the list and push the gpo. Finally can successful connect to 802.1x wifi using windows login credential. Thanks guy for your assistance.