Wireless Health - Failed Connections (Failure reason)

Getting noticed

Wireless Health - Failed Connections (Failure reason)

We have configured 802.1X authentication for a corporate SSID. Wireless health shows that there are some Authentication failures. 


If shows that the authentication has failed along with some attributes and values. Is anyone have idea on this attributes?


(I need to know the highlighted fields)

type='802.1X auth fail'









7 Replies 7
Kind of a big deal
Kind of a big deal

It usually means a device is failing to authenticate ...


This is common if it is for smart phones and the user changes their AD password and have not updated the password on their phone yet.

Head in the Cloud

Hi @Shawqy,


Do you have "WPA1 and WPA2" enabled on your SSID WPA encryption mode? If so, I would maybe try "WPA2 Only" and change the minimum bitrate to 24 Mbps (unless you have a need for lower).


Obviously the tale of caution applies; need to pre-check/pro-check any specific hardware after for connectivity.


Thank you,
Peter James

Thanks Peter. There is a requirement for Lower devices

Come to find out the Radius box was only running TLS V1.0 once 1.2 was enabled no more auth errors.


Thank you for the solution.

Just one question about enabling TLS 1.2 on NPS. Should I just add "fc0"(4032) into "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasMan\PPP\EAP\13" and restart the server? Or there are some more steps to do?

Getting noticed

"vap" is the virtual AP number. Look at your Wireless SSIDs Configuration overview and show all SSIDs. Reading from left to right they are vap=0, 1, 2, 3, etc

Thanks for your response. Is there any idea of num_eap= value?
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.