01-17-2012 12:00 PM - edited 07-03-2021 09:23 PM
I have setup the WLC to authenticate to a MS Server2008 NPS for a WPA2/AES SSID. The connection is successful, but client authentication fails for wrong EAP-type. I believe this indicates a Windows7 client issue. Can anyone tell me the required client setup to satisfy the MS NPS?
Solved! Go to Solution.
01-17-2012 04:45 PM
Ok, you only want to select the EAP type as PEAP. The inner method can be MSCHAPv2. So remove the EAP-MSCHAPv2 from the EAP type list and try the client again.
Steve
01-17-2012 12:02 PM
What type of EAP are you doing on the NPS?
On the client 'smartcard/other certificate' is EAP-TLS Protected EAP is PEAP.
Steve
01-17-2012 12:18 PM
I am not using EAP/TLS I do not have a CA server.
client is set to use:
Microsoft PEAP
secured password (EAP-MS-CHAPv2)
802.1x settings = user authentication only
Mike Fleck
Datanamics, Inc
cell 702-985-5420
01-17-2012 12:39 PM
Just to add to Steves comments. You need a certificate on NPS to do PEAP. Do you have one installed.
01-17-2012 04:16 PM
I checked with the server team and yes, the NPS does have a certificate.
01-17-2012 04:18 PM
MIke,
Can you screen shot the NPS rules and the client setup?
Steve
01-17-2012 04:41 PM
NPS properties attached
01-17-2012 04:45 PM
Ok, you only want to select the EAP type as PEAP. The inner method can be MSCHAPv2. So remove the EAP-MSCHAPv2 from the EAP type list and try the client again.
Steve
01-19-2012 09:33 PM
Thanks for that. I made that change, still had a problem. A friend told me he had issues with AES, so I changed it to TKIP and it worked the first time.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide