Hi guys,
I have lots of dot1x failures on my WiFi SSID with the reasons like below:
type='802.1X auth fail' num_eap='9' first_time='0.027329269' associated='false' radio='1' vap='0'
type='802.1X auth fail' num_eap='8' first_time='0.160289959' associated='false' radio='1' vap='0'
....
And when these failures happen, actually a client drops from Wireless SSID and they have to restart the system or turn off and on the WiFi to be able to connect to WiFi again. This happens only for the SSID that authenticates users with the radius server which is NPS. So generally clients can connect to WiFi but this happens randomly. So my laptop and another laptop are in the same room connecting to the same access point, and the issue happens to my colleague's system but not me. and again vice versa.
I looked around and I found articles like the below which the issue can be solved by enabling TLS 1.2
https://community.meraki.com/t5/Wireless-LAN/Wireless-Authentication-Failure-with-Radius/m-p/48773
Now, not being an expert on NPS or Microsoft, was wondering how can I:
1. check which version of TLS is running on my NPS(I know by default TLS 1 is running)
2. How I can enable my NPS to run TLS1 , 1.1, 1.2 at the same time. For this, I have found a way on google like "https://www.dot11.guru/2020/07/27/enforcing-tls-1-2-for-microsoft-nps-server-2008-2012/" and I have done the change, but still I have the failures and Im not sure if the change actually has happened and TLS1.2 is enabled.
I was wondering if you could give me some help on this. Thank you all in advance.