cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

User or computer certificate selection for 802.1x

Stefano Colombo
Brass Contributor

‎Jun 26 2023 05:47 AM

‎Jun 26 2023 05:47 AM

User or computer certificate selection for 802.1x

I've set up an NPS, on windows 2019, to be used as Radius server for 802.1x certificate-based autentication.

On NPS I made a connection profile with both Domain Users And Domain Computer so that belonging to one of them should enable to connect to wi-fi, provided that the computer OR the user has a valid Cert.

I found, however, that it seems that the connection only works if "at least" there's the computer certificate.

If a computer has not the certificate but the user does it does not connect.

What is wrong ?

thanks

 

Labels:
1,744 Views
0 Likes
1 Reply
Reply
1 Reply
MathieuVandenHautte

‎Jun 27 2023 08:19 AM - edited ‎Jun 27 2023 08:39 AM

‎Jun 27 2023 08:19 AM - edited ‎Jun 27 2023 08:39 AM

Re: User or computer certificate selection for 802.1x

Hi Stefano,

You have to check these configurations:
1. Certificate via a certification authority

2. NPS - Radius Clients
3. NPS - Connection Request Policy: Condition > NAS Port Type: Wireless - IEEE 802.11 OR Wireless - Other
4. NPS - Network Policy: Condition > Windows Groups (users)
5. GPO: Wireless Network Policy with Authentication Mode: User authentication
6. AccessPoints: WPA-2 Enterprise


Troubleshooting:
Logs on the server can be consulted in Event Viewer > Custom Views > Server Roles > Network Policy and Access Services
Logs on clients can be consulted in Event Viewer > Applications and Service Logs > Microsoft > Windows > WLAN-Autoconfig > Operational

 

Also check my post:

https://techcommunity.microsoft.com/t5/windows-10/windows-server-2019-nps-radius-no-event-viewer-log...

0 Likes
Reply