We currently have Meraki wireless between several of our facilities. For our private network, we have laptops authenticating against a MS RADIUS server that sits in our data center.
What we are attempting to accomplish is to be able to take a brand new laptop, straight out of the box, and connect to our private network. When we try to connect, it prompts us for our windows credentials, which it should. Upon entering them, it simply states cannot connect and asks you to retry. This will continue to happen until the client is physically plugged into the LAN and connected to the domain.
Every client we have tried this on has reported the error below:
The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, no data in the certificate can be validated. The SSL connection request failed.
The certificate is a self-signed cert. However I have tried using a registered certificate as well but to no avail.
I have tried importing the certificate directly into the client and it still doesn't authenticate correctly. If I bypass the cert, in the connection settings of the client it connects without any issues since there is no certificate to validate (naturally).
On the RADIUS server itself, we have two options configured for allowing connections to the server.
- domain users group is allow, which every domain user is in.
- 802.xx connections are allow for network adapters.
There may be an underlining issue I am missing here with the two above groups. Any advice on this situation would be greatly appreciated.