Re: Windows Cannot Connect with Cisco WLC with LDAP Authentication 802.1x

Yasir Iqbal · ‎08-29-2018

Dear All,

We have Cisco WLC 2500 series and have configured LDAP authentication 802.1x using Windows Server 2016 Active Directory.

We have followed the link given below as guide. But after that configuration, windows user can not connect with the WLC. When we click on the WLC SSID , a warning message popup ( Warning message also attached). When we click on the connect button of the warning message, windows show "cannot connect to this network"

Moreover all our mobile devices including IOS and android successfully connected with the same WLC. Please guide us to solve the problem.

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/211277-WLC-with-LDAP-Authentication-Configurati.html

Yasir Iqbal · ‎08-29-2018

Dear,

Attached Warning.

patoberli · ‎08-30-2018

This message is completely normal and appears if you haven't installed the LDAP (or Radius) server certificate on the clients before connecting to the SSID.
You should compare the shown hash with the hash of the certificate, to make sure it's no rogue AP you're connecting to. Android doesn't always validate the server certificate and thus doesn't show a message. iOS should also print a certificate trust message though.

Yasir Iqbal · ‎08-30-2018

Dear,

Can you guide me how to install the server certificate on the clients so that windows machines connect with the SSID.

patoberli · ‎08-30-2018

Do the clients not connect if you hit "Connect" on the image you posted? That should work.

Yasir Iqbal · ‎09-02-2018

No,

patoberli · ‎09-02-2018

That's unusual. What does the logfile on the NPS (Security Tab) say?
And what does the client logfile say?
And lastly does the WLC log anything?