I am not sure if this has been asked before. But anyway, here goes: Our Corporate Wireless is a EAP with PEAP-MSCHAPv2. The authentication is from a Windows Server 2008. This server presents the Server Cert which is signed by our Corporate CA. We have
a GP which pushes the CA as Trusted CA to all our clients. We have a GP which also pushes the Server Cert as valid Cert to all the clients. Recently our Server Cert expired. We did not realize that it expired & so did not Revoke the old Server Cert. We
created another Cert, signed from our CA and then started using that as our Server Cert for Radius Authentication. When clients are connecting to the Wireless, the only way we can make it work, is disable "Validate server certificate", connect to wireless,
then enable it again. This time it will pop-up a window stating that additional information about the certificate is required. We click on "Connect" (the other button being "Terminate") & we can connect. This works well until we restart the computer. When
computer is restarted, the wireless stops working & we get the message on our clients stating the wireless could not be authenticated. Putting the computer to Sleep or disconnecting & connecting to some other wireless network all works fine as long
as, once the "Validate server certificate" disabled & enabled. We have tried deleting the certificate & wireless profile from the client certificate store. But that does not help either.
↧