Laptops unable to connect to wireless


Our school district's Windows 7 laptops are unable to connect to the wireless with the "validate server certificate" setting enabled under the wireless properties. If I uncheck that box the laptop is able to connect. With about 1000 laptops unchecking that on all will be a pain. Would adding a certificate to the NAC solve this problem?

9 replies

Userlevel 7
Hi Kent,

as it isn't clear from your post my assumption is that ...

The Win7 laptop is connected to a SSID which is using 802.1X PEAP and is authenticated via the NAC which has a conenction to a databse (i.e. LDAP) to check the accounts.

Correct ? If not please let us know how the systems interwork which each other.

-Ron
Yes, that is correct.
Userlevel 6
Kent

You'll need to either deploy the CA certificate to the clients trusted certificate store or uncheck the validate server certificate box, which I think can be done via Group Policy definition.

The problem seems to be that the client can't match the server certificate as a trusted one, this is why it works when the client is told not to validate the server certificate it works.

This article might help: https://gtacknowledge.extremenetworks.com/articles/Solution/802-1x-User-PEAP-User-Rejected-in-NAC

-Gareth
Userlevel 7
For reference if needed.... https://technet.microsoft.com/en-us/library/Dd283093(v=WS.10).aspx & https://www.microsoft.com/en-us/download/details.aspx?id=3365
Is there a was to export the current certificate in NAC so I can deploy it on a laptop?
Userlevel 6
Kent Sapp wrote:

Is there a was to export the current certificate in NAC so I can deploy it on a laptop?

Where is your root CA, if NAC is terminating 802.1X the certificate will be self signed and probably not what you want?

This article might help: https://gtacknowledge.extremenetworks.com/articles/How_To/How-To-Update-NAC-Internal-Communications-...
Just an update. We got a certificate from GoDaddy and added the wireless settings to a gpo. Our laptops are now connecting without issue. Thank you for all your advice.
Userlevel 7
Kent Sapp wrote:

Just an update. We got a certificate from GoDaddy and added the wireless settings to a gpo. Our laptops are now connecting without issue. Thank you for all your advice.

Hi Kent, Thanks for coming back and updating the thread. Glad to see you got it sorted out!
yes, that is right.
the laptop is not connected to wireless. I having some problem with my laptop. So, I contact the canon printer support. They resolve it and set up settings. If any user wants to queries contact with canon printer support. they support of all users.

Reply