Windows10 clients not able to connect via Radius

Solved
AESL
Comes here often

Windows10 clients not able to connect via Radius

We have been using Meraki for years and all of a sudden last week Windows 10 clients weren't able to connect.  Auth would succeed on the Windows NPS server but on the client side they would get a message saying "Cant connect to this network" or something to that affect.  OSX clients can connect without issue.  

 

Support team found that unchecking 'verify server certificate' allowed them connect.  So the ops team updated both certs and restarted NPS but still some users are getting the same message and unchecking that setting allows them to connect.  

 

Does anyone have any idea what can be done on those Windows 10 clients to allow them to verify the cert and connect?  The cert is valid and the only think I can think of is something changed on those win10 clients that is preventing them installing or validating a new cert?  Note that we have always had a cert on the NPS server and this was never an issue until last week. 

1 Accepted Solution
Brash
Kind of a big deal
Kind of a big deal

Odd that it would happen suddenly.

Have you made any changes on your RADIUS server? The EAP config must have the correct server name.

Other than that, have your root or intermediate certs recently expired? Potentially the problem clients didn't receive a renewed root cert via AD and therefore won't trust the RADIUS server cert.

View solution in original post

2 Replies 2
Brash
Kind of a big deal
Kind of a big deal

Odd that it would happen suddenly.

Have you made any changes on your RADIUS server? The EAP config must have the correct server name.

Other than that, have your root or intermediate certs recently expired? Potentially the problem clients didn't receive a renewed root cert via AD and therefore won't trust the RADIUS server cert.

AESL
Comes here often

We have been using Meraki AP with authentication with radius server and we are not authenticate Windows 10 clients weren't able to connect.  Auth would succeed on the Windows NPS server but on the client side they would get a message saying "Cant connect to this network" or something to that affect.  OSX clients, android client, window os11 version can connect without issue.  

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels