Solved: Re: User is trying to connect ssid but not prompt username and passwor

palani2010 · ‎01-02-2025

User can't connect ssid with eap-tls authentication method but not prompting username and passwor.

If there is no certificate in client machine did username and password will prompt ?

Note - user is able to connect other ssid where we are using eap-md5

MHM Cisco World · ‎01-02-2025

Eap-tls no need username and password, the client and wlc use Cert. To auth only.

MHM

View solution in original post

MHM Cisco World · ‎01-02-2025

Eap-tls no need username and password, the client and wlc use Cert. To auth only.

MHM

JPavonM · ‎01-03-2025

When a there is no proper wireless profile configured in Windows for a network, Windows finish asking the user to enter credentials, it does not understand if the RADIUS server is only acceptiong PEAP, EAP-TLS or whatever other protocol.

The solution is to deploy (via Intune or GPO) or manually create the wireless profile with the protocol options you accept in the RADIUS server.

Additionally, you need to provision a client/machine certificate to the Windows machine, and install a certificate in the RADIUS server that woould be trusted in the Windows machine (from your internal CA that signed the user/machine cert, or a public CA which may be pre-installed in Windows)

Scott Fella · ‎01-03-2025

Are you using a radius server and if so, what kind of radius. Like what the others mentioned already, PEAP is what you need to use for user/pass, but that requires a radius server and the device trusting the cert that the radius sends back for the negotiation. Might also make is eadier to let us know what your wireless system is model and code version.

-Scott
*** Please rate helpful posts ***

User is trying to connect ssid but not prompt username and password