cancel
Showing results for 
Search instead for 
Did you mean: 

10.2.0.0 build 189 AD for 802.1x EAP w/ WPA2 Encryption - iOS byod unable to join

garrett_collier
New Contributor III
I am experimenting with using AD for 802.1x as an authentication option as it would allow me to get away from using Windows NPS as Radius. I have successfully configured the AAA Server and SSID and can authenticate both Windows and Android devices, however iPad 12.0 iOS (I do not have any other devices to test with, so problem could be limited to this or, possibly, unlimited) appear to successfully authenticate (receive no errors at AD or in ZoneDirector troubleshooter) but a message displays that the device was unable to join. I, initially, thought it may have something to do with MFP settings, however, changing those did not appear to fix the issue, nor did switching between strict AES or Auto (TKIP+AES) help.
5 REPLIES 5

michael_brado
Esteemed Contributor II
I'd compare logs from a working client and an Apple, and you might see where a response wasn't received, or...

george_murimi
New Contributor II
Hi Garrett,

Could you please point me in the right direction with the AD for 802.1x settings specifically 'server device name'.

I am stuck at this point.I hope you resolved your issues.

garrett_collier
New Contributor III
This was a while back, so my memory is a bit fuzzy on what the solution actually was. I believe the issue was due to the IOS device not trusting the certificate from our NPS server due to it using the machine name and not FQDN. -We use wildcard certs, so this was not something that would work for us.

Can you specify where at you're seeing a field for 'server device name'? Is that when you're setting up the AAA server on zone director or are you in MS NPS?

george_murimi
New Contributor II
Yes, i am seeing this when setting up an AAA server, specifically type 'AD for 802.1x'