Wifi infrastructure problem with windows 11 22h2 or 22h3

rz 10 Reputation points
2024-01-05T14:45:43.4533333+00:00

Hi,

Can you tell me if Microsoft will soon create a fix for the corporate wifi issue with Windows 11. This is very blocking for our users. the certificates are however installed correctly on the PC

below the log file on windows. Regards.

Log Name:Microsoft-Windows-WLAN-AutoConfig/Operational Source: Microsoft-Windows-WLAN-AutoConfig Date: 05/01/2024 15:29:29 Event ID: 12013 Task Category:OneXAuthentication Level: Error Keywords: (1024),(512) User: System Computer: XXXXX Description : 802.1X wireless authentication failed.

Network card: Intel(R) Wi-Fi 6E AX211 160MHz Interface GUID: {284792f0-dc99-4e41-8b11-fcf1b95f8e0e} Local MAC address: 08:9D:F4:C4:04:7D Network name (SSID): XXXXX BSS type: Infrastructure Peer MAC Address: B4:5D:50:4B:4D:F2 Identity: host/XXXXX User: Domain : Reason: Explicit EAP failure received. Error: 0x80070285 EAP reason: 0x285 EAP root cause string: An internal authentication error occurred. EAP error: 0x285

Event XML: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-WLAN-AutoConfig" Guid="{9580d7dd-0379-4658-9870-d5be7d52d6de}" /> <EventID>12013</EventID> <Version>0</Version> <Level>2</Level> <Task>24014</Task> <Opcode>205</Opcode> <Keywords>0x8000000000000600</Keywords> <TimeCreated SystemTime="2024-01-05T14:29:29.5830515Z" /> <EventRecordID>455</EventRecordID> <Correlation /> <Execution ProcessID="4860" ThreadID="5480" /> <Channel>Microsoft-Windows-WLAN-AutoConfig/Operational</Channel> <Computer>XXXXX</Computer> <Security UserID="S-1-5-18" /> </System> <EventData> <Data Name="Adapter">Intel(R) Wi-Fi 6E AX211 160MHz</Data> <Data Name="DeviceGuid">{284792f0-dc99-4e41-8b11-fcf1b95f8e0e}</Data> <Data Name="LocalMac">08:9D:F4:C4:04:7D</Data> <Data Name="SSID">XXXXX</Data> <Data Name="BSSType">Infrastructure</Data> <Data Name="PeerMac">B4:5D:50:4B:4D:F2</Data> <Data Name="Identity">host/XXXXX</Data> <Data Name="User"> </Data> <Data Name="Domain"> </Data> <Data Name="ReasonText">Explicit EAP failure received.</Data> <Data Name="ReasonCode">0x50005</Data> <Data Name="ErrorCode">0x80070285</Data> <Data Name="EAPReasonCode">0x285</Data> <Data Name="EAPRootCauseString">An internal authentication error has occurred.</Data> <Data Name="EAPErrorCode">0x285</Data> <Data Name="ConnectionId">0x8</Data> <Data Name="ExplicitCredentials">false</Data> </EventData> </Event>

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
11,747 questions
{count} votes

6 answers

Sort by: Most helpful
  1. Katy Nicholson 16 Reputation points
    2024-08-21T11:35:58.17+00:00

    I had a similar problem (works fine on Win 10, but not on Win 11) although I had a different error. No amount of tweaking with certificates made any difference. The fix I found was disabling Device Guard in Group Policy:

    Computer Config > Policies > Administrative Templates > System > Device Guard > Turn On Virtualization Based Security: Disabled.

    3 people found this answer helpful.

  2. Anonymous
    2024-01-09T01:57:44.67+00:00

    Hello,

    Does such a problem only happen on Windows 11? Is there any change before problem happens such as update installation, configuration change?

    Make sure that the correct internal Root CA certificate is also installed and deployed to the device. And the certificate meets the requirements.

    Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS:

    https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/certificate-requirements-eap-tls-peap

    Kind Regards,
    Karlie Weng


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

  3. rz 10 Reputation points
    2024-01-09T09:30:36.4266667+00:00

    hello Karlie,

    the wifi infrastructure works correctly on Windows 10, it is only on Windows 11 that we have this problem.

    I can't connect to our company wifi at all, however a private wifi (wpa2) with only a password works.

    In addition, I confirm that the certificates appear on the Windows 11 PC.

    Regrads.

    0 comments No comments

  4. Ivan Chan 0 Reputation points
    2024-11-14T17:45:18.57+00:00

    I have the same issue with Windows 11. Disable Credential Guard resolved the issue.

    Set Computer Configuration\Administrative Templates\System\Device Guard to disabled

    0 comments No comments

  5. James White 0 Reputation points
    2025-03-24T20:58:45.9366667+00:00

    The local group policy override to disabled didn't work for me, but setting the registry keys to disable Device Guard described in: https://learn.microsoft.com/en-us/windows/security/identity-protection/credential-guard/configure?tabs=reg did work. Setting the following DWORD values and rebooting turned off Device Guard.

    Key path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

    Key name: LsaCfgFlags

    Type: REG_DWORD

    Value: 0

    Key path: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard

    Key name: LsaCfgFlags

    Type: REG_DWORD

    Value: 0

    To confirm Device Guard is disabled in System Information (msinfo32) under Virtualisation-based security services running, the value of "Credential Guard" should not appear in the value column. If it does, the service is running and hasn't been turned off.

    Once it was disabled our RADIUS WiFi began working immediately.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.