802.1x wired authentication problem

David Bryant 21 Reputation points
2021-09-09T22:33:13.39+00:00

I have set up a very small test environment to figure out wired device authentication. I am using Windows server 2019 with AD, NPS, CA Unifi Switches with 802.1x enabled, However, I am having trouble getting the authentication to work. Radius Wireless over Unifi APs works just fine, I see information being populated in the accounting logs. Been testing various settings on a Win10 to authenticate against the NPAS server, which also serves as the AD and DNS server, and the same error I see is on the windows box:

Wired 802.1X Authentication failed. The network does not support authentication and 802.1X is enforced in the profile.

Error Code: 0x0

reason: 0x70006

The Prompt that asks for the user name and password never shows up.

The 802.1x settings on the test windows box are set to use Microsoft PEAP connecting

I have the usual setting set under the Authentication tab on the windows Box: Enabled IEEE...

MS Protected EAP (PEAP)

(Self-signed) so Verify the server unchecked

Another odd thing I Have seen on the Windows Box is that if I have the "Local Area Connection Status " window open while trying to authenticate I see 0 for under "Received" and about 17 under "Send".

I am an authenticating users

Any help will be great, I will update this as I do more research, I have looked at all the treads on this site I could find.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,171 questions
Accepted answer
  1. Limitless Technology 39,371 Reputation points
    2021-09-10T13:21:41.137+00:00

    Hello DavidBryant,

    You need to execute Advanced troubleshooting 802.1X authentication in order to overcome the prompt issue.

    This troubleshooting technique applies to any scenario in which wireless or wired connections with 802.1X authentication are attempted and then fail to establish. The workflow covers Windows 7 through Windows 10 for clients, and Windows Server 2008 R2 through Windows Server 2012 R2 for NPS.

    Do follow up the below link to execute the troubleshooting.

    https://learn.microsoft.com/en-us/windows/client-management/advanced-troubleshooting-802-authentication

    Hope this answers all your queries, if not please do repost back.
    If an Answer is helpful, please click "Accept Answer" and upvote it : )

    & also do find the NPS Authentication Status using the below link to execute the troubleshooting

    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc735320(v%3dws.10)

    Regards,

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. David Bryant 21 Reputation points
    2021-09-12T04:40:27.083+00:00

    Not sure where to start on this one, the short answer is @Limitless Technology suggestion was 50% the answer, the rest was the use of Wire Shark mirroring a port to the windows box requesting. the problem ended up being on the windows 10 box and setting up the right CA. there are still bugs, in accounting the User IP Shows as 255.255.255.254! if anyone wants a more detailed on this problem, I could do so kind of step by step on what I did.