authentication fails in windows 7 with 802.1X with Meraki RADIUS

Solved
CarOneAdmin
Here to help

authentication fails in windows 7 with 802.1X with Meraki RADIUS

Dear Colleagues,

 

I have an issue with the meraki radius log (with user & password) on laptops with windows 7 professional x64 bits

The problem happens with one`s try to connect to the network, at the moment appears a message of security alert of windows.

Once i proceed with "connect" appears a new message saying "the device cannot conect to the network", please see the images for more knowledge.

 

Really i dont know what to do

 

Regards!CAPTURA 1.JPG

 

CAPTURA 2.JPG

 

CAPTURA 3.JPG

 

CAPTURA 4.JPG

 

CAPTURA 5.JPG

 

CAPTURA 6.JPG

 

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

On one of your Windows 7 machines, try manually updating the root certificates (I would prefer you used Windows Update instead ...).

 

http://dreamlayers.blogspot.co.nz/2009/12/windows-7-cant-always-automatically.html

 

Basically:

1. Download http://download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/rootsupd.exe

2. Extract the files using the command rootsupd.exe /c /t:C:\temp\extroot

3. from c:\temp\extroot run the following 4 commands (from an elevated prompt)

updroots.exe authroots.sst

updroots.exe updroots.sst

updroots.exe -l roots.sst

 

updroots.exe -d delroots.sst

View solution in original post

11 Replies 11
PhilipDAth
Kind of a big deal
Kind of a big deal

Alas I can only understand English.

 

But it looks like you have a certificate issue.  Have you got all the Windows updates applied?  You might be missing a root certificate update.

 

Are you using an internal RADIUS server?

CarOneAdmin
Here to help

PhillipDAth,

 

Nice to meet you. Yes, looks like a certificate problem. On this enterprise we use Windows 7 Professional x64 Service Pack 1 But i dont know if is updated to date. For other way we dont have an internal radius server we only have the service router in cloud.

 

Regards.

MRCUR
Kind of a big deal

Try creating a manual connection to the network and deselect the option to verify the certificates under "Settings" on the security tab of the connection. 

MRCUR | CMNO #12
CarOneAdmin
Here to help

MRCUR,

 

Thanks for the response. I have only one week whit this system. If you could give me more details to do that, i think could do it.

 

Greetings.

MRCUR
Kind of a big deal

CarOneAdmin
Here to help

Hi, i did that instructive says Click the "Start" menu. Navigate to Control Panel>Network and Internet>Network and Sharing Center>Manage Wireless Networks. Click "Add". Select "Manually create a network profile". Enter the SSID name in the "Network name:" field. Select "WPA2-Enterprise" in the "Security type:" drop down. Select your encryption type from the "Encryption type" drop down. Click "Next". When "Successfully added" appears "Click Change connection settings". Select the "Security" tab. Click the "Advanced settings" button. On the "802.1x settings" tab, check the box "Specify authentication mode" and choose "User Authentication" from the drop down. Click "OK". Back on the "Security" tab, make sure "Choose a network authentication method" is set to "EAP (PEAP)" and then click the "Settings" button. For "Protected EAP Properties" uncheck "Validate server certificate" or if you choose to validate server certificate make sure "Go Daddy Class 2 Certification Authority" and/or "http://valicert.com" is checked in the "Trusted Root Certification Authorities" list. Click the "Configure" button. Uncheck "Automatically use my Windows logon name". Click "OK" to close all the open dialog boxes. but it didn`t result positive to me, the problem persist Regards!
PhilipDAth
Kind of a big deal
Kind of a big deal

On one of your Windows 7 machines, try manually updating the root certificates (I would prefer you used Windows Update instead ...).

 

http://dreamlayers.blogspot.co.nz/2009/12/windows-7-cant-always-automatically.html

 

Basically:

1. Download http://download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/rootsupd.exe

2. Extract the files using the command rootsupd.exe /c /t:C:\temp\extroot

3. from c:\temp\extroot run the following 4 commands (from an elevated prompt)

updroots.exe authroots.sst

updroots.exe updroots.sst

updroots.exe -l roots.sst

 

updroots.exe -d delroots.sst

CarOneAdmin
Here to help

Thank you,

 

Actually at this day. i have the last updates of windows seven on this machine.

but this link didn`t work

 

http://download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/rootsupd.exe

 

i am thinking if is not a problem about my internet provider or is a meraki configuration problem

somethimes with this SSID y have microcuts. for example of 180 packets send i have 10 or 15 losts.

 

If you want y can take screenshots of this SSID configuration.

 

Regards!

 

 

nealgs
Building a reputation

Did you ever get this working CarOneAdmin??

 

We are having same issues, but with Win 10 and Win 7 laptops.

 

Setup new SSID using 802.1x and meraki authentication.  Mobile devices connect fine, but Win10 and Win7 laptops either say connecting...... for ages or come up with Certificate related issues same as those you posted.

 

Win7 machine fully updated as is Win 10 machine.

 

We want to be able to setup two Wifi SSIDS, internal and guest.  Internal we'd like only those devices registered in Meraki MDM to be able to access, don't want to have to type userid or passwords etc, Just basically, if registered in MDM, then devices is allowed to connect to the Wifi SSID, not registered, no connection.

 

As said, this does work for Mobile (IPhones tested currently) but not on laptops.

 

Any help appreciated

 

cheers

Gary

Blake7
New here

I know this thread is quite old, but did anyone find a solution for Windows 7 Pro computers, Our Windows 10 Pros can connect no problem. I've installed the windows updates, checked the date and time, and installed the latest root certs. But still struggling to get this working.

 

Can anyone help ?

 

Meraki Error.PNG

Blake7
New here

For anyone who finds this, I solved my problem by upgrading the WiFi drivers to the latest available. Lenovo's drivers were dated 2012 I upgraded using drivers downloaded directly from Intel's website. With the latest version installed the drivers were updated to 2017 and the problem is no longer happening.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels