CommScope RUCKUS Community Forums

garrett_collier · ‎12-10-2018

I am experimenting with using AD for 802.1x as an authentication option as it would allow me to get away from using Windows NPS as Radius. I have successfully configured the AAA Server and SSID and can authenticate both Windows and Android devices, however iPad 12.0 iOS (I do not have any other devices to test with, so problem could be limited to this or, possibly, unlimited) appear to successfully authenticate (receive no errors at AD or in ZoneDirector troubleshooter) but a message displays that the device was unable to join. I, initially, thought it may have something to do with MFP settings, however, changing those did not appear to fix the issue, nor did switching between strict AES or Auto (TKIP+AES) help.

michael_brado · ‎12-10-2018

I'd compare logs from a working client and an Apple, and you might see where a response wasn't received, or...

george_murimi · ‎11-07-2019

Hi Garrett,

Could you please point me in the right direction with the AD for 802.1x settings specifically 'server device name'.

I am stuck at this point.I hope you resolved your issues.

garrett_collier · ‎11-08-2019

This was a while back, so my memory is a bit fuzzy on what the solution actually was. I believe the issue was due to the IOS device not trusting the certificate from our NPS server due to it using the machine name and not FQDN. -We use wildcard certs, so this was not something that would work for us.

Can you specify where at you're seeing a field for 'server device name'? Is that when you're setting up the AAA server on zone director or are you in MS NPS?

george_murimi · ‎11-08-2019

Yes, i am seeing this when setting up an AAA server, specifically type 'AD for 802.1x'

CommScope RUCKUS Community Forums

10.2.0.0 build 189 AD for 802.1x EAP w/ WPA2 Encryption - iOS byod unable to join