Frequent Contributor II

Windows Clients Won't Connect to anything


This might not be a Clearpass question per se, but I'm experiencing a problem, while setting up my Clearpass with 802.1x.


It seems that Windows machines will occasionally get into a wierd state, where they won't connect to anything. They won't connect to my 802.1x network  (which they were connecting to just minutes ago). They won't even connect to a WPA2-PSK network.


Whichever network I try to connect to, the wireless twirly ball twirls for a while, and then windows pops up a box that says, "Windows was unable to conec\t to <SSID>" and it graciously offers me the option to troubleshoot the problem.


I don't see the machine auth in Clearpass, so the machine isn't talking out.

Reboots do not fix the problem.


Does anyone know what's required to shake Windows out of this state?





Guru Elite

Re: Windows Clients Won't Connect to anything

Are the drivers up to date? There was some weird behavior like this with a few versions of the Intel driver.

Tim Cappalli | Aruba Security
@timcappalli | | ACMX #367 / ACCX #480
Frequent Contributor II

Re: Windows Clients Won't Connect to anything

Hi Tim:

Thanks for the reply.

I've seen this on two computers so far. It's got to have something to do with the introduction of dot1x in our environment. We ran WPA2-PSK for years without ever seeing anything like this.


And so far, it clears itself up. After about an hour the computer magically connects. So I'm guessing that something needs to timeout.



Frequent Contributor II

Re: Windows Clients Won't Connect to anything

OK, I might have some more data....


This appears to happen whenever the Deny Access profile is activated.

I'm using the system defined [Deny Access Profile] that is set to 'Reject.'


Whenever a user doesn't meet any defined criteria and falls through to this profile, the machine gets disgruntled, and won't connect to anything for 30-60 minutes.


Has anyone heard of this?




Frequent Contributor II

Re: Windows Clients Won't Connect to anything

OK, I'm narrowing in on this issue...

It appears that everytime a machine/user fails autentication, it is blacklisted for 60 minutes in the controller.

And that opens up new questions about the best way to configure blacklisting.


I'll take this up in another thread.


Search Airheads
Showing results for 
Search instead for 
Did you mean: