Windows 8.1 and EAP-TLS Issue (not working after upgrade)
Hello,
we are facing an issue with windows 8.1 using 802.1x EAP-TLS authentication, before upgrading to 8.1 (running 8) it was working fine with no issues, now after some clients upgraded to 8.1 they are not able to authenticate and always shows "timeout"
in the RADIUS Server, those clients were 100% working fine with window 8 and all the other windows versions are working fine.
we have re installed the client and root certificate again, when trying to access it asks to choose the client certificate and we are choosing the correct one which proves that it is installed and available (this is in machines having multiple
client certificates like mine)
Any similar issue reported or identified ???? please help
October 27th, 2013 7:53am
Hi,
We would take some time to do more research on this issue, and give you an update as soon as possible.
Before going forward, please try to exit the domain and re-join to check the resu
October 29th, 2013 6:07am
Hi,
The machines are not joined to the domain, it is affecting multiple sites, EAP-TLS only, if they are using EAp-PEAP it works fine so there is something with the client certificate from the windows system.
October 29th, 2013 7:41am
October 29th, 2013 8:46am
Hi Andre,
that link you provided is talking about using WPA-TKIP for encryption which i'm not using, i'm using WPA2-AES which should be fine, and EAP is still supported only the lower encryption is removed.
October 29th, 2013 9:00am
Client Certificate is installed correctly, again the device was working fine before upgrading it stopped connecting after the upgrade, we are using Aurba Clearpass for auto provisioning of the device and deploying of Client certificate.
Hi Kate,
Any update on this issue and the research ??
Thanks
November 5th, 2013 11:22am
There appears to be a bug with EAP-TLS. Until Microsoft fixes it, try EAP-PEAP instead. Apparently it works.
November 12th, 2013 5:23am
Are you sure about the bug thing ?? any official response from Microsoft ?
Thanks
November 14th, 2013 10:22am
I am sorry for that not all of the bug was published right now.
November 26th, 2013 11:44am
I had a similar problem with freeradius and PEAP or TTLS. After checking "network uses preauthentication" it worked. I didn't need to do this in Win7 or Win8 but in Win8.1.
November 27th, 2013 11:10pm
Did you use SHA-1 or SHA-2 user certificate?
March 4th, 2014 6:52pm