locked
Windows 10 (1809) WiFi WPA2 enterprise issue RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi all,

    I am facing a strange issue with a specific brand of wireless accesspoints (Sophos) and Windows 10 build 1809. Sometimes those users are able to connect, most of the time they are not.

    The WiFi connection is setup through WPA2 Enterprise and the Radius is handled by Windows server 2012 NPS (also tried with Freeradius on Linux).

    Are there any known issues in 1809 or does anyone have an idea where to troubleshoot?

    (Yes I contacted Sophos, but they refer to Microsoft as this seems to be specific to Windows 10 build 1809).

    After a lot of troubleshooting it looks like the last 4-way handshake is failing between client and accesspoint/wireless-controller.

    Tuesday, April 23, 2019 1:50 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    The problem is solved, there was an option "Fast Transition" (802.11r) enabled, disabling this options solved our problem.

    • Marked as answer by Emanuel Muis1 Thursday, May 2, 2019 11:09 AM
    Thursday, May 2, 2019 11:08 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello Emanuel Muis1,

    Thank you for posting in this forum.

    The Windows 10 1809 version has recently had no known issues with WiFi.

    You can take a look at this: Windows 10 and Windows Server 2019 update history.

    What is the error message when WiFi cannot be connected? (the error message on the client and the error message in the NPS log)

    After a lot of troubleshooting it looks like the last 4-way handshake is failing between client and accesspoint/wireless-controller.

    What did you do to troubleshoot? What does “the last 4-way handshake” specifically mean?

    Best Regards,

    Leon

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, April 24, 2019 8:19 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    It is strange that there are no changes in WiFi with the 1809 build, because the only problem seems to be related to that specific build.

    We have tried different RADIUS servers, different TLS versions on the Windows client, different ways to connect manually. Also tried to remove all wireless profiles with regedit, a fresh Windows installation.

    The only logging that brings us closer to troubleshoot the problem comes from the Sophos access point:

    <30>Apr  4 10:21:02 *** hostapd: ath103: STA *** WPA: WPA IE from (Re)AssocReq did not match with msg 2/4

    This looks like the 2nd message from the 4-way WPA2 handshake is failing (after Radius says the credentials are valid), which could be caused by the Windows 10 1809 client (or the access point). After the PEAP authentication is succeeded, the client and accesspoint are trying to secure the connection. That seems to go wrong if I look at the logging of the access point.

    Wednesday, April 24, 2019 3:10 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hello Emanuel Muis1,

    Yes I contacted Sophos, but they refer to Microsoft as this seems to be specific to Windows 10 build 1809

    If Sophos has checked and confirmed it is a problem with Windows 10 1809. I recommend that you submit your question through the Windows 10 Feedback Hub.

    We don't have such a third-party product, so we can't test it for you.

    If it is really the problem with Windows, this may be due to version incompatibility. Then Microsoft will fix this in a later update.

    Best Regards,

    Leon

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by HK.Leon Wednesday, May 1, 2019 7:07 AM
    Thursday, April 25, 2019 8:33 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    The problem is solved, there was an option "Fast Transition" (802.11r) enabled, disabling this options solved our problem.

    • Marked as answer by Emanuel Muis1 Thursday, May 2, 2019 11:09 AM
    Thursday, May 2, 2019 11:08 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Thank you for your update and good to hear that you have solved this issue by yourself.

    In addition, thanks for sharing your solution in the forum as it would be helpful to anyone who encounters similar issues.

    If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,

    Leon

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, May 3, 2019 2:50 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Emanuel,

    We had the same exact issues since we upgraded some of our machines to 1809. These machines had no issues in the headquarters but most of them would have problems connected to the same WPA2 Enterprise network at the branch offices. If one of them worked at the remote location, often times 2-3 reboots later it would stop working and usually no amount of troubleshooting would make it connect again. But as soon as you bring it back to the HQ, the issue disappears, until someone takes it back out to a remote branch again.

    We were about to either roll back our Windows 10 1809 upgrade or contact our wireless vendor Cambium Networks, until I found your post.

    Thank you so much for your fix! It sure has saved me a ton of time trying to figure this out!

    Daniel

    Tuesday, December 17, 2019 6:05 PM