Radius Authentication with GoDaddy Certificate

Captain_Murphy
Here to help

Radius Authentication with GoDaddy Certificate

I am migrating my radius server to a new Azure server, so I am setting this back up. Last time, I set up a 2012r2 radius server as a CA and created a certificate directly on the server that I then pushed out with GPO. I am doing basically the same thing again, but with a GoDaddy certificate. I am following the guide here:

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_...

 

But I am getting certificate errors on the W10 client when I try to connect. In Event Viewer in W10, I see:

EAP Root cause String: Windows cannot connect to this network
There is a problem with the certificate on the server required for authentication.

 

I am kind of at a loss here. As near as I can tell, I followed the instructions correctly again, radius shows it connecting in the logs, but the client rejects the server.

 

Any ideas?

4 Replies 4
cmr
Kind of a big deal
Kind of a big deal

Did you add the GoDaddy intermediate certificates to the server?

Captain_Murphy
Here to help

I just want to go on record as saying, you're not my real mother.

PhilipDAth
Kind of a big deal
Kind of a big deal

Are you configuring the SSID via group policy?

If so, have you ticked the box saying what is allowed to be the root CA server to be used to verify the RADIUS server certificate, and is that by chance still set to your old enterprise CA certificate?

Captain_Murphy
Here to help

I got it, I forgot to add the intermediate certs on the radius server.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels