Broken 802.1x Windows Server 2008 R2

I’ve setup a new Windows Server 2008 R2 installation with AD, Certificate Services, NPS, and RRAS. I have setup (using the wizard) the policies for 802.1x authentication using an Airport Extreme as my WAP, making sure that the correct certificate and user groups have access. My wireless clients are able to connect to the WAP just fine, but they become unresponsive when the credentials are sent. I don’t see any errors in the error console. For laughs and giggles, I gave the WAP a wrong shared secret password and Windows properly errors out. After restoring it to the proper shared secret I still don’t see any error even though clients are not able to connect.

I even fired up Wireshark to see what is happening and I see the authentication packets being forwarded on to the server. I also see the server returning what appears to be the certificate, but none of my clients (Windows XP/7, iPhone, etc.) respond to the response sent.

Using an identical setup with a Win2k3 box, I am able to set it up just fine.

Ideas why this isn’t working in Windows 2008 R2?

UPDATE 18 AUG 2009: I decided to do several reinstalls of R2 to no avail. For laughs and giggles I installed a SP2 copy of plain ol’ Windows Server 2008. Using the same exact setup, hardware, network topology, NPS access policies it worked perfectly fine how it was suppose to. I am not entirely sure, but I’m about to chalk this one up as a bug in R2. Has anyone else been able to get 802.1x wireless working on Windows Server 2008 R2???


Havent tried this but something to do with NAP? I was warned that 8021x will be a lot harder to get working in 2008 than 2003 because of NAP.

Source : Link , Question Author : Wayne Hartman , Answer Author : JohnyV

Leave a Comment