Wireless Access

last person joined: 2 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

No way for Non Domain computers to authenticate to Wireless

This thread has been viewed 1 times

  • 1.  No way for Non Domain computers to authenticate to Wireless

    Posted May 10, 2018 02:03 PM

    We have two sites, both utilizing Aruba, and we have them authenticating to our NPS server.  As these uses log onto the domain with their Win 10 Pro computers, they are able to browse our "production" network with no issues.  We also have a "guest" SSID that goes directly to the web an a separate VLAN with no authentication.

     

    The question I have, is how do we get non domain computers able to authenticate so we can get them on the production network without adding them to the domain?  We have worked with HP Support on this for a bit, however we havne't been able to come up with a solution.  We can easily connect to this same network with the same Non Domain Laptop.

     

    If I connect to the "production" network with my Android phone, I just put in my domain credentials and it will authenticate to the "production" network, however I can't do the same with my Windows laptop.



  • 2.  RE: No way for Non Domain computers to authenticate to Wireless

    EMPLOYEE
    Posted May 10, 2018 02:05 PM

    The NPS server will say why the client is failing in the event viewer.

     

    With that being said, Windows always guesses the wrong connectivity options for wireless.  Mobile devices and macs are more forgiving.

     

    Non-domain computers require more setup to work.



  • 3.  RE: No way for Non Domain computers to authenticate to Wireless

    Posted May 10, 2018 02:15 PM

    What is odd is that I just turned on my Windows 10 laptop to do some testing and it connected with no issues, and with out prompting.  It is a non domain laptop, so I'm not sure how it authenticated.

     

    The other side of this is that my supervisor has a Windows 7 Pro laptop that he attempted to connect with, and it will not work.  Now I'm even more confused that I was before I started this. . . 

     



  • 4.  RE: No way for Non Domain computers to authenticate to Wireless

    EMPLOYEE
    Posted May 10, 2018 02:18 PM

    Start with the NPS logs.  Windows by default when connecting to a 802.1x SSID will use machine authentication (host/hostname), which will fail on every domain, except the one that the laptop belongs to.  The laptop typically has to be manually configured...this is typical of windows.

     

    1.  Look at the NPS logs to see why it is failing, to start.

    2.  Don't expect Windows machines that are not part of a domain to connect automatically to a 802.1x SSID from a domain that it is not part of.



  • 5.  RE: No way for Non Domain computers to authenticate to Wireless

    Posted May 10, 2018 02:27 PM

    I think it is because I tried to authenticate in the past and it saved the credentials.  I forgot the "production" network, and went back to authenticate again with domain\user and the associated password.  It worked with no issue.

     

    We are looking into the NPS now to see why his is failing the way it is.