Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10890
Views
0
Helpful
3
Replies

Radius, EAP, Windows 10: Can't Connect To This Network

Go to solution
berniebbow1
Level 1
Level 1

‎02-03-2017 09:28 AM - edited ‎07-05-2021 06:30 AM

Standalone AIR-AP1252AG-E-K9, 12.4(25d)JA1. FreeRadius server software is configured for EAP-TTLS.

Windows 10 client fails connecting to network (error message Can't Connect To This Network). No further errors in EventLog.

FreeRadius's log claims that the access was granted. So the AP is to blame.

dot11 ssid staff
   vlan 11
   authentication open eap eap_methods
   authentication network-eap eap_methods
   authentication key-management wpa optional
   accounting acct_methods
   guest-mode

I've been through many radius examples and all of them mention eap_methods but without any further explanation (what is the purpose?).

One example defined dot1x eap profile eap_profile. It's possible to define EAP profile (by adding methods like MD5, mschap). Is it required or recommended?

What are eap_methods and where are they defined? What is their purpose?

What are acct_methods and where are they defined? What is their purpose?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎02-07-2017 02:38 PM

I suspect this is due to WPA (use TKIP as encryption method). See below post as well

https://answers.microsoft.com/en-us/windows/forum/windows_10-networking/there-is-clearly-a-problem-with-the-win10/a05200dd-09c2-42c3-88bf-f073db9cce15

see if you can get it working with a  WPA2/AES, a sample config should look like below

A1142-1(config)#dot11 ssid TEST
A1142-1(config-ssid)# authentication open eap EAP_MTD
A1142-1(config-ssid)# authentication network-eap EAP_MTD
A1142-1(config-ssid)# authentication key-management wpa version 2
!
A1142-1(config)#interface Dot11Radio1
A1142-1(config-if)# encryption vlan 143 mode ciphers aes-ccm

See this post for detail

https://mrncciew.com/2013/11/14/autonomous-ap-with-external-radius/

HTH

Rasika

*** Pls rate all useful responses ***

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎02-07-2017 02:38 PM

I suspect this is due to WPA (use TKIP as encryption method). See below post as well

https://answers.microsoft.com/en-us/windows/forum/windows_10-networking/there-is-clearly-a-problem-with-the-win10/a05200dd-09c2-42c3-88bf-f073db9cce15

see if you can get it working with a  WPA2/AES, a sample config should look like below

A1142-1(config)#dot11 ssid TEST
A1142-1(config-ssid)# authentication open eap EAP_MTD
A1142-1(config-ssid)# authentication network-eap EAP_MTD
A1142-1(config-ssid)# authentication key-management wpa version 2
!
A1142-1(config)#interface Dot11Radio1
A1142-1(config-if)# encryption vlan 143 mode ciphers aes-ccm

See this post for detail

https://mrncciew.com/2013/11/14/autonomous-ap-with-external-radius/

HTH

Rasika

*** Pls rate all useful responses ***

0 Helpful

Go to solution
berniebbow1
Level 1
Level 1
In response to Rasika Nayanajith

‎02-10-2017 08:46 AM

see if you can get it working with a  WPA2/AES

That was it. Thank you.

0 Helpful

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to berniebbow1

‎02-10-2017 10:50 AM

Good to hear.

Glad to see your issue get resolved.

Rasika

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card