I am trying to get a secure wireless connection going on HTC P3600 device.
The AP's are Cisco 1131AG who are controlled by a Cisco WLC 2006. We are running 802.1x with PEAP authentication. Several co-workers have HTC devices who are able to get their credentials verified. My device does prompt me for the credentials but this request never seems to make it to Radius server. The logs on the controller simply say the authentication failed with unknow reason code 1. I have the necessary server certificates installed. I have tried several ROM's in order to get this problem fixed.
SSID: hidden /broadcasted, WPA/TKIP, IEEE with PEAP. Can any one suggest me if I should use a 3rd party vendor for MSCHAPV2 to function well?
Solved the problem. The WLC controller didnt wait long enough for the PDA to respond. After setting the config advanced eap identity-request-timeout 5 on the WLC system the PDA was able to authenticate itself. Hope this helps anyone out there struggling with the same problem
Related
Hi All,
I have a JarJar WM 5 phone and I can't seem to get PEAP working on the phone with my work network.. My laptop is configured with PEAP and MSCHAPv2 authentication. The client in WM5 allowed you to select PEAP but if click on _Properties_ in the configuration it complains that the network requires a personal certificate to positively identify me although that is not the case with the laptop or any other wireless pc in the building. If I just leave it on PEAP I get a login and password prompt when it connects to the access point. I enter the correct username and password and it attemps to connect for a few minutes and fails. Anyone have it sucessfully working on this type of network?
Thanks!
Eric
Hey Guys,
I have a 8125 from Cingular and when, when i try to log in to my work wireless network, after typying in my username, password and domain, it gets connected and as soon as it does message pops out saying: "cannot log on to the wirells network. This network requires a personal certificate to positively identify you."
so pretty much i can't get connected, what should i do to resolve that?
Here are the network card settings for my work access:
Authentication: WPA
Data Encription: TKIP
802.1x
EAP type: PEAP
thanks
I have the exact same problem as you. I haven't been able to figure it out either. I believe my connection is LEAP though, not PEAP.
ive just set up my home network. I got everything working on the setup, main puter, 3 laptops, XDA mini s and XDA2i. I then added wpa psk with tkip. The laptops and the main puter all work fine but both the XDA's with the password entered just sit there either saying connecting or netwok available. They will not connect. Very very frustrating.
Pete
For some reason using PEAP on a Windows Mobile device requires you to have a Client Certificate installed on the device as well as the server certificate. Luckily the Wizard has a certificate enrollment utility built in (Settings, Connections, Wireless LAN). Make sure the certificate template 'ClientAuth' is enabled on the CA Server.
Obviously you need to enroll whilst the Wizard is connected to your PC and on the network.....
HTH
Andy
We have a corporate WiFi network and our access is protected via Radius server authentication and WPA encryption.
I have done all the necessary steps to import the personal certificate and added the profile on our XDA Mini S model.
Looking at the logs of the Radius server, everything is connecting and authenticating fine. However, the XDA fails to get any IP from our DHCP server. Not sure where the problem lays?
I have tried an access point on the same LAN with all security disabled and open and the XDA gets an IP with no problem.
Please help - this is very frustrating and I want to know if anybody has got their XDA working through a radius server?
Im having a similiar problem, Only mines is with a MDA compact II, I can find all access points no probs, But it seems as if my handset is trying to connect via GPRS instead of the wifi and that is without a sim card present :|
Nah, the issue is different for me. I can connect to an access point that does not use radius authentication fine, and get an IP and use the internet etc.
With radius authentication I am unable to get an IP.
I have been trying to get this working too and talked to XDA about it, however they said that the Atom does not support WPA-EAP
I used to be able to connect to a WPA-PSK network OK but since my ROM upgrade it doesn't work anymore.. Grr.
We are not using WPA-EAP. We are using PEAP authentication, with trusted certificate and WPA TKIP Encryption.
I have not spoken to O2/XDA about this yet. As I have said, authentication works fine, the IAS Radius logs confirm that connection is permitted - its an IP that fails to get associated with the device! Even Static IP seems to connect, but you cannot reach anything on the network.
I wonder how tech-savy the XDA support will be when I do actually ring them?
What is frustrating is the fact that the device explicitly supports this kind of connection (why does it exist in the Wifi settings otherwise) but with all correct settings it just fails on the IP and traffic flow (with static IP)...??
No Bios upgrades done yet? The device is Windows Mobile and all this kind of thing is surely software/OS driven - cannot understand how a bios/rom upgrade would make it work?
Coxy said:
We are not using WPA-EAP. We are using PEAP authentication, with trusted certificate and WPA TKIP Encryption.
Click to expand...
Click to collapse
PEAP is an EAP method - I've been reading up on it
I have not spoken to O2/XDA about this yet. As I have said, authentication works fine, the IAS Radius logs confirm that connection is permitted - its an IP that fails to get associated with the device! Even Static IP seems to connect, but you cannot reach anything on the network.
I wonder how tech-savy the XDA support will be when I do actually ring them?
Click to expand...
Click to collapse
I'm not very impressed with their technical support so far, it's took them a while to _understand_ the problem, let alone try and fix it.
What is frustrating is the fact that the device explicitly supports this kind of connection (why does it exist in the Wifi settings otherwise) but with all correct settings it just fails on the IP and traffic flow (with static IP)...??
Click to expand...
Click to collapse
I tried to connect to a WRT54G running OpenWRT I could see that it would associate fine but would not become authorized - it will appear to 5 seconds and then drop out and try again.
I wonder if there is some timeout that needs to be increase, however I can't find any options in the AP to adjust
No Bios upgrades done yet? The device is Windows Mobile and all this kind of thing is surely software/OS driven - cannot understand how a bios/rom upgrade would make it work?
Click to expand...
Click to collapse
Me either, and it doesn't seem like a particularly uncommon scenario...
(Unless they think workplaces should use WPA-PSK )
I've been struggling with this for a week now. Looking at my laptop as a guide, I've got the connection on my phone set up as follows:
Authentication: Open
Data Encryption: WEP
Key is automatically provided: yes
Uses IEEE 802.1x network access control: yes
EAP type: PEAP
I was given a certificate by the IT guys and it installs fine on my phone under root certificates.
When I attempt to connect to the network, it keeps coming back with an error saying the I need to have a personal certificate to positively identify me. Hmmm...
I do have a certificate! Is there a difference between the root and personal certificates? Do I need a personal certificate for some reason or should the root certificate that I was given suffice?
Any suggestions? This is driving me crazy!
Thanks!
Same here...
I am having the same exact problem!
Me too! Except with WPA2 AES (and WPA TKIP, our AP supports both).
Did you try disabling proxy ?
I have that problem too at my work. The problem is that you will need a username and certificate so that the server will accept you as a user. Now you can only connect but you can't do anything without the username, u see
Hello everyone
Last school year, when I still had the original WM5 ROM on my Uni, I could connect to my school's wifi network that requires:
- WPA-Enterprise (Not WPA2!)
- AES encryption (AES on WPA - not 2 - looks a bit strange, but it«s the way it is setup on Windows 7 that can connect)
- PEAP for the EAP
- The routers are Cisco gear so I suppose they use Cisco LEAP
- No certificate (do not validate server cert)
On WM5, I could connect: I could select WPA on the first dropdown of the network settings, then on the box below that one I selected AES. Next step, I selected PEAP for the EAP type, and Finished. then I added a registry key somewhere so it wouldn't try to validate the server certificate. It asked for my credentials when I tried to connect to the network, and it connected fine and worked well.
Now I use a WM6 ROM, Tomal 8.9. I can select WPA but there is no AES option, only TKIP. I already added the registry key for it not to validate the server certificate, but it isn't even trying to validate the cert - doesn't get to that step, the furthest I could go was having it asking my network credentials in an infinite loop.
Should I try another ROM? (oh, and BTW, I'm sure that the network doesn't use WPA2, but WPA with AES encryption)
Any help is greatly appreciated. Even because I don't have a 3G data plan and the wifi at school was very useful.
Regards
Nevermind. After inputing my network credentials enough times, I could connect using TKIP. But somehow Windows computers are still configured for WPA AES instead of TKIP, which is strange. Anyways, it works now, and that's what matters.