New Contributor

802.1x authentication with domain user



Recently we have setup a new Aruba 650 controller with AP-93 APs for our environment.


We have successfully configure to use 802.1x to authenticate our domain users on our wireless LAN.

But somehow encounter a weird symptom.


Symptom as follows:

Some users using either UPN or pre-Windows 2000 login to their Windows 7, are able to connect to the Wireless LAN.

Whereas some users can only use UPN to login to their Windows 7, then can connect to the Wireless LAN.

On the RADIUS server, the event log will indicate the user name or password is incorrect if users are using pre-Windows 2000 method to login to Windows 7 when try to connect to the Wireless LAN.


All our users have same name for UPN and pre-windows 2000.


Anyone encounter such issue and get it resolved.





Occasional Contributor II

Re: 802.1x authentication with domain user

Long shot but...check the radius requests.  I had my radius server limited to "Ethernet" types so its was being denied as the request wasn't of Ethernet type (I was working with wired access.)


What radius server are you using?



Re: 802.1x authentication with domain user

Can you summarize your AD/RADIUS setup?   From your post, it sounds like users are in the same domain ( you mention same UPN and Pre-Windows 2000 domain).   Is that true?    What is serving your RADIUS?  If it is Windows IAS or NPS, can you attach a copy of a failed and a successful logon for comparison?   If it is another RADIUS server, please do the same for that product.  Also, are the Windows 7 systems you are using in this test case members of the domain; and is the wireless configuration set to prompt them to logon; or is using their currently logged on credentials?


Systems Engineer, Northeast USA

Search Airheads
Showing results for 
Search instead for 
Did you mean: