locked
Can't connect to WiFi after Windows 10 May 2020 update (v.2004) - WPA-invalid-2/4-key-msg RRS feed

  • Question

  • After our laptops update to Windows 10 v2004, they will no longer connect to our WPA2-Enterprise FortiAP WiFi network. We have troubleshooted and checked our RADIUS/NPS settings, and they are correct. The users get authenticated, but the connection fails with this message in the FortiGate Logs:
     
    WPA-invalid-2/4-key-msg
    Probably wrong password entered, invalid MIC in 2/4 message of 4-way handshake from client 
     
    The laptop's event logs report "Dynamic Key exchange did not succeed withing configured time"
     
    Other laptops still on Windows 10 1909 can connect just fine. And if we roll back the Windows 10 update to 1909, it will connect again. If we take the laptop to our other office with Aruba AP's they connect just fine. So it's something to do with the Windows 10 2004 update and the FortiAP 221E Access Points. We just can't figure out how to fix it.
     
    Any ideas or suggestions would be greatly appreciated! Thanks!
    Tuesday, July 14, 2020 1:53 PM

All replies

  • Hello, 

    Please run Network Adapter troubleshooter from Settings app > Update & security > Troubleshoot. Let us know what it reports back. 

    Regards.


    Microsoft MVP (Windows and Devices for IT)

    Windows Insider MVP

    Windows Help & Support [www.kapilarya.com]

    Tuesday, July 14, 2020 2:41 PM
  • Hi,

    Please try this way:

    CMD→ "netsh int ip reset c:\resetlog.txt" or netsh winsock reset

    Then click WiFi icon the right down → Network Settings → Manage WiFi settings

    Scroll down to Manage know networks and select the once which have problem and Forget then try to connect again.

    Hope it helps.

    This "Windows 10 Networking" Forum will be migrating to a new home on Microsoft Q&A, please refer to this sticky post for more details.

    Best regards

    Cherry


    "Windows 10 Networking" forum will be migrating to a new home on Microsoft Q&A!

    We invite you to post new questions in the "Windows 10 Networking"  forum's new home on Microsoft Q&A!

    For more information, please refer to the sticky post.


    Wednesday, July 15, 2020 2:45 AM
  • Hi,

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

    This "Windows 10 Networking" Forum will be migrating to a new home on Microsoft Q&A, please refer to this sticky post for more details. 

    Best Regards,

    Cherry


    "Windows 10 Networking" forum will be migrating to a new home on Microsoft Q&A!

    We invite you to post new questions in the "Windows 10 Networking"  forum's new home on Microsoft Q&A!

    For more information, please refer to the sticky post.


    Friday, July 17, 2020 5:36 AM
  • Hi,

     

    Just want to confirm the current situations.

    Please feel free to let us know if you need further assistance.

     

    This "Windows 10 Networking" Forum will be migrating to a new home on Microsoft Q&A, please refer to this sticky post for more details. 

    Best Regards,

    Cherry


    "Windows 10 Networking" forum will be migrating to a new home on Microsoft Q&A!

    We invite you to post new questions in the "Windows 10 Networking"  forum's new home on Microsoft Q&A!

    For more information, please refer to the sticky post.


    Monday, July 20, 2020 1:53 AM
  • Hi,

     

    As this thread has been quiet for a while, we will propose it as ‘Answered’ as the information provided should be helpful.

     

    If you need further help, please feel free to reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish.

    This "Windows 10 Networking" Forum will be migrating to a new home on Microsoft Q&A, please refer to this sticky post for more details. 

    Best Regards,

    Cherry


    "Windows 10 Networking" forum will be migrating to a new home on Microsoft Q&A!

    We invite you to post new questions in the "Windows 10 Networking"  forum's new home on Microsoft Q&A!

    For more information, please refer to the sticky post.


    Wednesday, July 22, 2020 1:41 AM
  • cannot post on the new site.

    We are using a Cisco POE with WPA2-Enterprise security.   All our mobile devices and IoT devices new or old (running MacOS, Android and even BB10 OS) connect without a hitch, however our Win10-2004 laptop refuses to connect.
    We are not using windows logon, but user names and secured password:   AES-CCMP / PEAP/ MSCHAPv2
    Event viewer shows:

    Log Name:      Application
    Source:        Microsoft-Windows-EapHost
    Date:          30-Jul-20 15:49:35
    Event ID:      2002
    Task Category: Peer
    Level:         Error
    Keywords:      Registry
    User:          SYSTEM
    Computer:      DELL_E7440
    Description:
    Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-EapHost" Guid="{6eb8db94-fe96-443f-a366-5fe0cee7fb1c}" />
        <EventID>2002</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>2</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8000000000000001</Keywords>
        <TimeCreated SystemTime="2020-07-30T19:49:35.9333522Z" />
        <EventRecordID>5001</EventRecordID>
        <Correlation />
        <Execution ProcessID="3976" ThreadID="3224" />
        <Channel>Application</Channel>
        <Computer>DELL_E7440</Computer>
        <Security UserID="S-1-5-18" />
      </System>
      <EventData>
        <Data Name="Key Name">Eap method DLL path</Data>
        <Data Name="TypeId">43</Data>
        <Data Name="AuthorId">9</Data>
        <Data Name="VendorId">0</Data>
        <Data Name="VendorType">0</Data>
      </EventData>
    </Event>

    What should we do to secure a connection?

    In WPA2-Personal security mode there is no issue connecting.
    Thanks.

    Thursday, July 30, 2020 8:01 PM
  • Hello aldebaran12,

    The TypeId=43 information suggests that the authenticator is proposing use of EAP-FAST, which is not supported "out-of-the-box" by Windows 10.

    You need to somehow resolve this mismatch, either by installing software on Windows 10 that implements EAP-FAST or changing the EAP method proposed by the authenticator.

    Gary

    Thursday, July 30, 2020 8:26 PM