Controllerless Networks

Reply
Guru Elite

Re: Radius Server Authentication Failure

What is the error message in the event viewer?  When did this problem start happening?  What CA issued the server certificate on the NPS server?  Try unchecking "Validate Server Certificate" on the Windows 802.1x supplicant.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Radius Server Authentication Failure

What is the error message in the event viewer?  

Currently, there are no errors NPS is generating. We did have a Type 18 error which has been fixed. The keys are verified as matching in IAP and WS2012 NAP.

 

When did this problem start happening?

The problem became pronounced August 2-3 when a couple Windows 10 devices would not connect.

 

What CA issued the server certificate on the NPS server?  

No external CA was used. The person setup an internally generated certificate.

 

Try unchecking "Validate Server Certificate" on the Windows 802.1x supplicant.

Not sure where to do this at in NAP. I will be looking.

 

Seems like there are 2 wireless policies. Seems odd, but I did not set it up.

 

See screenshots attached of RADIUS configuration on WS2012.

Mr. Perry Lund
Highlighted
Guru Elite

Re: Radius Server Authentication Failure

Uncheck "Must contain the message authenticator attribute".

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Radius Server Authentication Failure

Unchecking the box for that option did not fix the issue. However, it is good to know that it should be unchecked. I have a photo of the certificates and found that the person who installed the certificate let the wireless certificate lapse on August 3rd.

 

We regenerated a 1 year personal certificate and attached it to the NAP policy and Windows device can login.

Mr. Perry Lund
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: