2016 NPS Server does not work for a few select devices

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-18-2019 11:19 AM - edited 07-05-2021 09:53 AM
We have a few devices that do not appear to authenticate with our new 2016 NPS server. If we move these devices back over to our legacy 2003/2008 NPS servers, the devices authenticate. I have checked over the settings and and they all appear to be the exact same across each platform. I have engaged the vendor of one of these device types but thought I would throw this out there. This is all setup for PEAP. Historically we have never had to install a certificate on the devices themselves. There are a few devices out there which require the certificate. In this instance one of the devices in question has never needed a certificate before.
Without the certificate the device gives error code 23:
An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.
With a certificate the device gives error code 265:
The certificate chain was issued by an authority that is not trusted.
I have also performed a client debug and have enabled the following:
debug dot1x aaa
debug dot1x events
debug dot1x packet
- Labels:
-
Other Wireless Topics
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-18-2019 12:10 PM
*** Please rate helpful posts ***
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-18-2019 12:36 PM
*** Please rate helpful posts ***

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-18-2019 12:40 PM
I have checked and the same root certs live on both servers in question.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-18-2019 03:23 PM
<<< Please help the community by marking useful posts helpful, or accept as a solution if it resolved your issue >>>
