cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1898
Views
0
Helpful
12
Replies

Windows 10 cannot connect SSID 802.1X. Using WLC's local user

daocongtrung
Level 1
Level 1

Hi everybody.

I'm having problems authenticating a windows 10 computer with wifi.

The SSID is configured using the local user created on the WLC 5508 (8.5.164.0) for wifi authentication. Everything worked fine until recently, all Windows 10 computers failed to authenticate to connect. Here is the log that WLC recorded:

*Dot1x_NW_MsgTask_1: Jan 04 10:57:54.484: %DOT1X-3-ABORT_AUTH: [PA]1x_bauth_sm.c:487 Authentication Aborted for client 28:39:26:2b:86:e9 Abort Reason:DOT1X RESTARTED DUE TO EAPOL-START/CLIENT ROAM.

I have upgraded the firmware to the new version 8.5.171 but the error is still not resolved.

Here is the event log on Windows 10 computer.

1.PNG

Has anyone encountered this case?

 

12 Replies 12

Scott Fella
Hall of Fame
Hall of Fame
Does any other device connect fine, like a mobile or tablet, even maybe a Windows 11 machine? This way you can at least isolate if it might be a Windows 10 issue versus something that broke on the controller. Any updates or reboots happened?
-Scott
*** Please rate helpful posts ***

All other devices (mobile, tablet, laptop Windows 11 ) connect normally.

The error occurs when there isn't any error on the WLC.

I have consulted a lot of topics but most of them talk about errors when authenticating with Radius. But here we use the local user of WLC.

I add information that Windows 10 can connect when installing Cisco Any Connect.

JPavonM
VIP
VIP

This could be due to issues with the Realtek driver or with the adapter's hardware, or driver-Windows compatibility issues, or Windows issues with the supplicant itselft.

Try updating the wNIC drivers, if not try using an exterrnal wireless dongle, and finally try re-imaging the laptop.

 

I have tried with many windows 10 laptops. All of them have this error.

There is no problem with the SSID using WPA2.

Windows 10 laptops can connect normally. Only had an authentication problem with SSID using 802.1X

JPavonM
VIP
VIP

How do you connect to the SSID? Have you tried to manually create the wireless profile in Windows with the proper settings ?(certificate validation, user/machine auth, ...)

By the way, you mentioned in the first post that it all started recently so I presume it was working fine in your previous AireOS code and then the issue appeared, so you moved forward the WLC to a newer code to see if that were fixing the issue.

If that is the case, and you didn't modify anything in the configuration, then it seems something related to Win10 and patch updates so I would recommend you to open a support case with the manufacturer (HP, Lenovo, Dell) or with MS.

Well, even if I reinstalled the computer's operating system according to the previous version, it would not solve the problem.

Nothing has changed in terms of configuration or version of WLC and AP.

I tried connecting manually. The result is still impossible to connect.

Well it seems like something might have been pushed to the Windows 10 devices. If all other devices work fine, then I really don’t think that the issue os with the controller or configuration since nothing has changed.
-Scott
*** Please rate helpful posts ***

Jessie Escobedo
Level 1
Level 1

I am also getting the same error message:

 Fri Apr 21 18:55:36 2023AAA Authentication Failure for Client MAC: 70:1a:b8:5a:28:50, Username:DOMAIN\xxxxxxx, User Type:WLAN USER, Reason:Authentication failed

I have upgraded the Cisco WLC 3504 to 8.10.183.0,  I have just join this client and they informed me this has been happening for almost 2 years. I cannot open a Cisco TAC case because the client decided to buy the WLC through another vendor.  Any suggestions?

Open a new thread please with more information including radius logs and more info of the issue from what the user has told you.

-Scott
*** Please rate helpful posts ***
Review Cisco Networking for a $25 gift card