Security

Reply
Aruba

Re: Windows 8.1 Onboard Support

You cant say that it doesn't work on all devices If it works fine on aruba equipment.

1st I would test those same models on the aruba wifi and see if you have the same issue.

I would suggest you work with the other vendors support to troubleshoot their equipment. Usually it comes down to the auth acls that you are using and make sure you have OCSP allowed in the firewall.
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Aruba

Re: Windows 8.1 Onboard Support

There are a lot of post online if you google it saying its a known issue with Microsoft and I would check to see if the have a fix coming soon.

Here is one of many out there

http://social.technet.microsoft.com/Forums/windows/en-US/884bd094-de2d-49a0-80bd-e2e0e8741a50/windows-81-and-eaptls-issue-not-working-after-upgrade?forum=w8itpronetworking
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Frequent Contributor I

Re: Windows 8.1 Onboard Support

The envirenment is Actually multiple schools with different laptop models all having the issue with windows 8.1 only, I have my own laptop tested on Cisco and HP shows timeout on clearpass, while in Aruba it works but it actualy take long time to get authenticated.

 

The Auth ACL allowing full access to clearpass which is the OCSP, no firewall on the WLC nor HP controller nor on the client machine all disabled.

 

The post mentioned on microsoft website is acutally mine :) and this is what is confusing me, it works with Aruba so how come the bug is not showing with Aruba Wireless ?! 

 

Thanks for the help and your replies, i want to understand this to at least convense the customer that it is a windows bug since it works fine with Aruba :(

Aruba

Re: Windows 8.1 Onboard Support

I would suggest you open a post in the education forum and see any of the other universities have ran into the same issue and what they did to fix it.

I do know that Cisco has a latency requirement and if the tls transaction doesn't complete in a certain time period it will time out.

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Occasional Contributor I

Re: Windows 8.1 Onboard Support

Hi All,

 

Happy new year for you guys.

 

Is there any update ragarding this issue?

I facing the same problem as well, but my environment is using Aruba controller.

Only windows 8.1 having authentication issue.

If I check in the access tracker the Windows 8.1 is having a timeout status.

 

Frequent Contributor I

Re: Windows 8.1 Onboard Support

Hi,

I found a workaround and works perfectly, generate a new server certificate and make sure the SHA 1 key is set to 1024 only. it should work fine after that
Occasional Contributor I

Re: Windows 8.1 Onboard Support

Hi Soliman,

 

Thank you for your fast response.

 

So I might need to generate a new server certificate and do re-onboard all the end devices to make it work?

The work around is quite tedious.

Is there any confirmation from Aruba team regarding this solution for Windows 8.1?

 

Warmest regards,

Erik

 

 

Frequent Contributor I

Re: Windows 8.1 Onboard Support

no need to re onboard any device since the CA and the client certificates are not changing. only new server certificate from the onboard CA.
Frequent Contributor I

Re: Windows 8.1 Onboard Support

I have tested this in multiple working site that had onboarded devices already and worked with no issues, if you want to be in a safe side export the existing sever certificate then generate a new signing request using sha1 1024 and sign it from the onboard CA if u r using it. then apply it to the server and check, if any issue just upload/import the old server certificate.
Frequent Contributor I

Re: Windows 8.1 Onboard Support

the clients certificates are getting generated and signed from the CA which we are not doing any change on it.

And this bug is a windows 8.1 bug but not confirmed yet, check the event logs from the client machine you will find that the SSL service is getting crashed then another log showing that the windows machine couldn't verify the server certificate.. this only happens with windows 8.1 machines.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: