Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
489
Views
0
Helpful
3
Replies

wlc + ise 2.0 + 802.1x. Problem: windows 7 can't login automaticly

Peter Handke
Level 1
Level 1

‎06-14-2016 02:43 AM - edited ‎03-10-2019 11:51 PM

Hi,

I have wlc 2504 with authorization active directory via 802.1x with ise 2.0. It was some problem with tls 1.2 so i have applied patches number: 1,2,3. After that i can login from all android os versions, ios and linux  but not from windows 7. I don't have W10 yet.

Windows 7 sees ssid but can't login. If i add ssid by hand, it works for me.  There is some patch or bug in ise 2.0 or in Windows 7 to get full automatic mode ?

thanks for help

Peter

Labels:
0 Helpful
3 Replies 3

nspasov
Cisco Employee
Cisco Employee

‎06-14-2016 08:34 AM

Hi Peter, I have a couple of questions:

1. What type of authentication are you performing? (PEAP, EAP-TLS, etc)

2. What type of certificate are you using on ISE? (Self-signed or signed by a well known CA)

Thank you for rating helpful posts!

0 Helpful

michaellperrin
Level 1
Level 1
In response to nspasov

‎06-14-2016 07:00 PM

Sounds like a cert issue. 

Windows supplicant will not trust any certs by default even ones in the trusted CA store. 

You our need to manually create the wireless connection for it to work. 

0 Helpful

Dustin Anderson
VIP
VIP

‎06-14-2016 08:37 AM

I have been able to use windows 7 and 10 on 2.0.1 and 2.1, One issue I ran into is do you use a valid cert, or self-signed?

For testing we used a self-signed and had to add to server as a trusted CA otherwise windows would not connect for us.

But for more info, how do you onboard windows devices? Do you use AnyConnect? etc.

0 Helpful
Customers Also Viewed These Support Documents