Wifi infrastructure problem with windows 11 22h2 or 22h3

Question

Wifi infrastructure problem with windows 11 22h2 or 22h3

rz 10

Hi,

Can you tell me if Microsoft will soon create a fix for the corporate wifi issue with Windows 11. This is very blocking for our users. the certificates are however installed correctly on the PC

below the log file on windows. Regards.

Log Name:Microsoft-Windows-WLAN-AutoConfig/Operational Source: Microsoft-Windows-WLAN-AutoConfig Date: 05/01/2024 15:29:29 Event ID: 12013 Task Category:OneXAuthentication Level: Error Keywords: (1024),(512) User: System Computer: XXXXX Description : 802.1X wireless authentication failed.

Network card: Intel(R) Wi-Fi 6E AX211 160MHz Interface GUID: {284792f0-dc99-4e41-8b11-fcf1b95f8e0e} Local MAC address: 08:9D:F4:C4:04:7D Network name (SSID): XXXXX BSS type: Infrastructure Peer MAC Address: B4:5D:50:4B:4D:F2 Identity: host/XXXXX User: Domain : Reason: Explicit EAP failure received. Error: 0x80070285 EAP reason: 0x285 EAP root cause string: An internal authentication error occurred. EAP error: 0x285

Event XML: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-WLAN-AutoConfig" Guid="{9580d7dd-0379-4658-9870-d5be7d52d6de}" /> <EventID>12013</EventID> <Version>0</Version> <Level>2</Level> <Task>24014</Task> <Opcode>205</Opcode> <Keywords>0x8000000000000600</Keywords> <TimeCreated SystemTime="2024-01-05T14:29:29.5830515Z" /> <EventRecordID>455</EventRecordID> <Correlation /> <Execution ProcessID="4860" ThreadID="5480" /> <Channel>Microsoft-Windows-WLAN-AutoConfig/Operational</Channel> <Computer>XXXXX</Computer> <Security UserID="S-1-5-18" /> </System> <EventData> <Data Name="Adapter">Intel(R) Wi-Fi 6E AX211 160MHz</Data> <Data Name="DeviceGuid">{284792f0-dc99-4e41-8b11-fcf1b95f8e0e}</Data> <Data Name="LocalMac">08:9D:F4:C4:04:7D</Data> <Data Name="SSID">XXXXX</Data> <Data Name="BSSType">Infrastructure</Data> <Data Name="PeerMac">B4:5D:50:4B:4D:F2</Data> <Data Name="Identity">host/XXXXX</Data> <Data Name="User"> </Data> <Data Name="Domain"> </Data> <Data Name="ReasonText">Explicit EAP failure received.</Data> <Data Name="ReasonCode">0x50005</Data> <Data Name="ErrorCode">0x80070285</Data> <Data Name="EAPReasonCode">0x285</Data> <Data Name="EAPRootCauseString">An internal authentication error has occurred.</Data> <Data Name="EAPErrorCode">0x285</Data> <Data Name="ConnectionId">0x8</Data> <Data Name="ExplicitCredentials">false</Data> </EventData> </Event>

Swen Koopmans 0 Reputation points

2024-04-24T09:59:01.9433333+00:00

Where you able to solve the issue?

I'm seeing the same issue. Windows 10 works fine. Windows 11 works with updates up to 2024-02. When I install 2024-04 it doesnt connect anymore to the wifi if its a certificate based network. A wpa network is fine.
Lars Juhl Andersen 1 Reputation point

2024-05-31T12:11:50.64+00:00

We are experiencing the same issue did anyone find a solution ? thank you
Schmid Kevin 0 Reputation points

2024-06-14T12:19:39.28+00:00

is there a solution?
Bhoy 0 Reputation points

2024-08-16T20:29:59.4366667+00:00

I am having the same problem with version 23H2
James White 0 Reputation points

2025-03-25T06:12:45.58+00:00

I am experiencing the same on Windows 11 23H2, with the same WiFi card. The official knowledgebase information on Device/credential card can be found here: https://learn.microsoft.com/en-us/windows/security/identity-protection/credential-guard/configure?tabs=reg

You have several methods to disable the feature. I had to use the registry keys to do it, the local group policy did not work.

To confirm device guard is on or off, look at System Information (msinfo32) and check the Virtualisation security available security properties value does not have credential guard. If it does, the feature is enabled. If it is not displayed on the value, it is off. When it is off, I can connect to our RADIUS WiFi without issues like on Windows 10.

6 answers

Your answer

Swen Koopmans 0 Reputation points

2024-04-24T09:59:01.9433333+00:00

Where you able to solve the issue?

I'm seeing the same issue. Windows 10 works fine. Windows 11 works with updates up to 2024-02. When I install 2024-04 it doesnt connect anymore to the wifi if its a certificate based network. A wpa network is fine.
Lars Juhl Andersen 1 Reputation point

2024-05-31T12:11:50.64+00:00

We are experiencing the same issue did anyone find a solution ? thank you
Schmid Kevin 0 Reputation points

2024-06-14T12:19:39.28+00:00

is there a solution?
Bhoy 0 Reputation points

2024-08-16T20:29:59.4366667+00:00

I am having the same problem with version 23H2
James White 0 Reputation points

2025-03-25T06:12:45.58+00:00

I am experiencing the same on Windows 11 23H2, with the same WiFi card. The official knowledgebase information on Device/credential card can be found here: https://learn.microsoft.com/en-us/windows/security/identity-protection/credential-guard/configure?tabs=reg

You have several methods to disable the feature. I had to use the registry keys to do it, the local group policy did not work.

To confirm device guard is on or off, look at System Information (msinfo32) and check the Virtualisation security available security properties value does not have credential guard. If it does, the feature is enabled. If it is not displayed on the value, it is off. When it is off, I can connect to our RADIUS WiFi without issues like on Windows 10.

Answer 1

Katy Nicholson 16

I had a similar problem (works fine on Win 10, but not on Win 11) although I had a different error. No amount of tweaking with certificates made any difference. The fix I found was disabling Device Guard in Group Policy:

Computer Config > Policies > Administrative Templates > System > Device Guard > Turn On Virtualization Based Security: Disabled.

Cory Rodarte 0 Reputation points

2024-08-23T22:44:39.16+00:00

Thank you so much been banging my head on this all week!!

Answer 2

Hello,

Does such a problem only happen on Windows 11? Is there any change before problem happens such as update installation, configuration change?

Make sure that the correct internal Root CA certificate is also installed and deployed to the device. And the certificate meets the requirements.

Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS:

https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/certificate-requirements-eap-tls-peap

Kind Regards,
Karlie Weng

If the Answer is helpful, please click "Accept Answer" and upvote it.

Answer 3

rz 10

hello Karlie,

the wifi infrastructure works correctly on Windows 10, it is only on Windows 11 that we have this problem.

I can't connect to our company wifi at all, however a private wifi (wpa2) with only a password works.

In addition, I confirm that the certificates appear on the Windows 11 PC.

Regrads.

Answer 4

Ivan Chan 0

I have the same issue with Windows 11. Disable Credential Guard resolved the issue.

Set Computer Configuration\Administrative Templates\System\Device Guard to disabled

Answer 5

The local group policy override to disabled didn't work for me, but setting the registry keys to disable Device Guard described in: https://learn.microsoft.com/en-us/windows/security/identity-protection/credential-guard/configure?tabs=reg did work. Setting the following DWORD values and rebooting turned off Device Guard.

Key path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

Key name: LsaCfgFlags

Type: REG_DWORD

Value: 0

Key path: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard

Key name: LsaCfgFlags

Type: REG_DWORD

Value: 0

To confirm Device Guard is disabled in System Information (msinfo32) under Virtualisation-based security services running, the value of "Credential Guard" should not appear in the value column. If it does, the service is running and hasn't been turned off.

Once it was disabled our RADIUS WiFi began working immediately.

Share via

Wifi infrastructure problem with windows 11 22h2 or 22h3

6 answers

Your answer