Network Authentication failed on Windows 7 Client connecting to AeroHive Wireless, authenticating via Radius server.

Hi,
We are having issues with windows 7 clients connecting to our wireless network, when trying to connect it comes back with the error "Network Authentication failed due to the user account".  when we use another windows OS, or and apple device it asks you to trust the certificate. Once trusted it will connect. The windows 7 client doesn’t asked you to trust the certificate, and returns the above error.

Current set up is we use AeroHive access points  for client to connect to and they authenticate against our radius server.  We have purchased a certificate issued by Go Daddy with a Private key, and imported it in to our radius server.
LVL 1
Colchester_InstituteAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Is this an AD environment in which case you should push the signing Ca's public root in GPO which will propagate to the system when joined to the domain.
Does the client use certificate to authenticate?

When you say another windows newer or older? Public Ca, make sure the root certificates on the windows 7 system is updated, double check the wireless network configuration on win7 I.e. Type of negotiations it will engage in.
0
Colchester_InstituteAuthor Commented:
We do have an AD environment, but these devices would be bring your own.  and not connecting to our domain.

their need would be to connect there personal laptop / mobile device to our network via wireless to gain internet access only.  using there AD credentials as authentication only.

we have tested it with  windows 8, MS mobile devices, apple devices - all of them come up with the trust certificate.  it just the windows 7 that's just errors and don't give you the option.
0
arnoldCommented:
The issue might be the certificate chain is such that the certificate is seen as untrusted.
export the public certificate and view it on the windows 7.  Try updating the root certificates on the windows 7.

i.e. an intermediary certificate from godaddy or the signer is unknown to the windows 7 or is untrusted.  not sure check the wifi adapter settings does it or will it try to use a certificate to establish the connection in the first place before prompting the user for the login.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Craig BeckCommented:
If you're just using AD credentials this will purely be a trust issue.

The cert chain needs to be imported into the Win7 clients, or you'll need to install a different cert on your RADIUS box which has been issued by an already-trusted CA.

As a workaround you could tell Windows clients to not validate the server cert.  That will let Win7 clients connect, but it's insecure in that anyone could pretend to be your RADIUS.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.