This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 25%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
Hello everyone,
Let me explain my issue.
I configured a GPO to apply 802.3x "settings" (Computer Configuration, Policies, Windows Settings, Security Settings, Wired Network (IEEE 802.3) Policies with "Microsoft: EAP-TEAP" as a Network Authentication method:
Long story short: Windows 11 applies the GPO but Windows 10 fails.
Long story short: Windows 11 applies the GPO but Windows 10 fails.
I also created a LAB: same results.
I tried with both 20H1 (first windows 10 version to support TEAP) and 22H2 versions and I get the same behavior.
Basically on a W11 client everything works and by looking at settings everything is configured as per GPO ("this settings is managed by your administrator"):
On a W10 client the GPO seems to be completely ignored: also Network Authentication revert to "Microsoft: PEAP (Protecetd EAP)":
The strange thing is that this only occurs if I select a Root Certificate in the "TEAP Properties" window (see above) and if I select "Microsoft EAP: TEAP" as Network Authentication method: if I don't select any Root Certificate in the "TEAP Properites" window the GPO is also applied to Windows 10.
Please notes that I have a standalone Offline root CA and an Enterprise Issuing CA (2-tier PKI hierarchy) but even if I select a public Root Certificate (ie Entrust) I get the same.
Any help would be much appreciated.
Thank you very much.
Andrea
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 52%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAH%3C/text%3E%3C/svg%3E)
Hi
Did you ever get this to work?
I have a Windows 11 test computer with EAP-TEAP working but not Windows 10
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 72%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
You got either part working for Windows 10?
in our environment the wired worked via the GPO, but wireless would have none of it
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 68%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELT%3C/text%3E%3C/svg%3E)
Hello there,
To configure TEAP (Tunneled Extensible Authentication Protocol) settings using Group Policy Objects (GPO) on Windows 10, you can follow these steps:
Open the Group Policy Management Console:
Press the Windows key + R, type gpmc.msc, and press Enter.
Create or edit a Group Policy Object:
Expand the desired domain, right-click on the Organizational Unit (OU) or the domain, and select "Create a GPO in this domain, and Link it here" or "Edit" if the GPO already exists.
Navigate to the TEAP settings:
In the Group Policy Management Editor window, navigate to:
java
Copy code
Computer Configuration > Policies > Windows Settings > Security Settings > Wireless Network (IEEE 802.11) Policies
Configure TEAP authentication settings:
Right-click on the "Wireless Network (IEEE 802.11) Policies" node, select "Create A New Wireless Network Policy for Windows Vista and Later Releases," and provide a name for the policy.
In the "Wireless Network Policy Properties" window, go to the "Security" tab.
Under "Choose a network authentication method," select "Microsoft: Protected EAP (PEAP)" from the dropdown list.
Click on the "Settings" button next to "Microsoft: Protected EAP (PEAP)."
In the "Protected EAP Properties" window, go to the "General" tab.
Under "Select an authentication method," choose "Microsoft: Secured password (EAP-MSCHAP v2)."
Click "OK" to close the "Protected EAP Properties" window.
Configure TEAP Root Certificate (if applicable):
If you need to specify a Root Certificate for TEAP authentication, go to the "Root certificate" tab in the "Protected EAP Properties" window.
Click on the "Add" button and select the appropriate Root Certificate from the certificate store.
Click "OK" to close the "Protected EAP Properties" window.
I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.
Hope this resolves your Query !!
--If the reply is helpful, please Upvote and Accept it as an answer--
Hello,
thanks for your answer, anyway I need to create a policy for Wired networks not Wireless.
Also, I already created a GPO but I need "Microsoft: EAP-TEAP" ad "Network Authentication method":
If I do so, the GPO works on Windows 11 clients but not on Windows 10 clients.
This is the issue I'm facing and I'm experiencing the same issue on a newly created clean lab, as already stated.
Thank you.
Andrea
Hello, we are also having this issue, has anyone resolved it?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 98%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM3%3C/text%3E%3C/svg%3E)
Is it possible to set Microsoft:EAP-TEAP using settings in GPO ?
Which version of Windows Server allows configuration?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 74%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWJ%3C/text%3E%3C/svg%3E)
Hello, we are also having this issue, has anyone resolved it?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 85%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYV%3C/text%3E%3C/svg%3E)
Hello, we are also having this issue, has anyone resolved it?
hello
is it just wireless you are having issues with?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 19%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEL%3C/text%3E%3C/svg%3E)
Alguém conseguiu resolver em windows 10?
yes we have this working for both Windows 10 wired and wireless.
if people are still having issues please give me shout and I can go through what we did in more detail.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 25%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBT%3C/text%3E%3C/svg%3E)
Can you post the solution to Win10 wireless? I have been scratching my head on this for a week now.
