How to authenticate Windows 11 computers using Computer Certificate to WPA3 Enterprise network with NPS?

Question

My company is attempting to authenticate user's with their computer certificates so we can discontinue using user's credentials. We were able to get the Windows 10 devices to use the computer certificate with WPA2. However, we soon realized that because of Windows 11 devices having TLS 1.3 enabled, we were unable to authenticate to the WPA2 even after disabling TLS 1.3 on Windows 11. If someone could walk us through the process from the active directory to the NPS configurations, it would be greatly appreciated. We have the IEEE 802.1X Wireless Group configured with the certificate authority on the server side but, we are not 100% confident that it is configured correctly for Windows 11 devices.

Equipment: Cisco Wireless LAN Controller (Image: 8.10.171.0)

Cisco APs: 2802i

Windows Server 2019 & 2022

Answer 1

Hello,

Are there any relevant error messages when you perform identity verification?

In addition, the inability to authenticate may also be a version problem. It is recommended that you try to check whether the NPS server and certificate versions are out of date and upgrade or update them accordingly.

For details, you can refer to the link:

Windows 11 clients cannot authenticate to NPS server using computer authentication - Microsoft Community Hub

Windows 11 gives warning message when connecting to WPA2 Enterprise network - Microsoft Q&A

Regarding the issue of configuring NPS in AD, you can refer to the link:

Register an NPS in an Active Directory Domain | Microsoft Learn.

Hope this can help you.

Best Regards,

Shujun