Thank you all, Credentials Guard was the problem.
Original Message:
Sent: Aug 14, 2024 04:37 AM
From: bosborne
Subject: CPPM - authentication with Dell notebooks
PEAP is deprecated. Is Windows Credential Guard enabled on those clients? It has incompatibilities with PEAP authentication.
With CPM 6.11 & newer, by default there can be some incompatibilities with older TPM chips in clients. I know that affects EAP-TLS. Not sure about PEAP credential storage.
------------------------------
Bruce Osborne ACCP ACMP
Liberty University
The views expressed here are my personal views and not those of my employer
Original Message:
Sent: Aug 13, 2024 12:28 PM
From: Mauzr
Subject: CPPM - authentication with Dell notebooks
Yes, it is same network and same switch. EAP method is PEAP. Supplicant is configured from GPO, so it is same on all machines.
Original Message:
Sent: Aug 13, 2024 11:16 AM
From: chulcher
Subject: CPPM - authentication with Dell notebooks
Are the working and non-working clients connected to the same network? Have the exact same supplicant configuration? What EAP method is being used?
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Aug 13, 2024 10:59 AM
From: Mauzr
Subject: CPPM - authentication with Dell notebooks
Hi, the clients have Win11 22H1 with Bitdefender installed. And there are latest drivers on all working and not working endpoints. SSID is configured with WPA2. Error is consistent, specific machine can never authenticate on LAN nor WLAN.
Laptops Dell diagnostic didnt find any errors.
Vaclav
Original Message:
Sent: Aug 13, 2024 10:09 AM
From: jonas.hammarback
Subject: CPPM - authentication with Dell notebooks
Hi
- Can you describe a bit more about the clients:
- Do you have the latest drivers for the WLAN NIC installed?
- Is it the same version of drivers on machines that work and machines not working?
- Is your SSID configured with WPA2 or WPA3?
- Is the error consistent, so a specific machine can never authenticate and another have no problem in the same location?
------------------------------
Best Regards
Jonas Hammarbäck
MVP Guru 2024, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACSA
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
Original Message:
Sent: Aug 13, 2024 10:02 AM
From: Mauzr
Subject: CPPM - authentication with Dell notebooks
Dear experts,
We have CPPM as a RADIUS server in our network and we have a problem with Dell Latitude laptops 802.1x authentication. Some models are working well but Latitude 7430 and some 5520 are not able to authenticate. Everytime when I try to authenticate these models on LAN or WLAN there is only timeout in Access Tracker:
When we try the packet capture we found out that the client stop communicating with server after some time, so thats why there is the timeout:
The biggest mystery is that the some of the Latitude 5520 are working and some not. These laptops are identical.
Did someone face this kinf of problem?
Thanks
Vaclav