RADIUS WiFi authentication stopped working

sparksitr-adv1 1 Reputation point

Almost exactly 2 years ago, we setup RADIUS WiFi Authentication for our 4 sites, all with Unifi AP’s (Unifi Controller running on 1 server), connecting to Network Policy Server on our Domain Controller. Out of the blue last week, users at site A discovered WiFi was not connecting, then over the next few days users at site B & C discovered WiFi not connecting, but users as site D have NOT yet been impacted. NPS logs aren’t very helpful, but they do confirm the authentication requests are reaching the NPS server (screenshot below of the log details). We haven’t changed any configurations/settings. Our Certificate Server is on the same domain controller as the NPS and we confirmed the cert is not expired. Since this started occurring exactly 2 years from when we initially set it up and we have 1 site being effected at a time, it seems like something is expiring for each site after 2 years, but the only “site specific” components are the 4 sites in our Unifi AP infrastructure and there doesn’t seem to be anything in Unifi that would expire after 2 years. Maybe it’s just a coincidence. Please advise. Thank you.136381-2021-09-29-10-01-32.png

Not Monitored
Not Monitored
Tag not monitored by Microsoft.
26,993 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. cthivierge 3,981 Reputation points

    Can you validate that the NPS Certificate or the DC's Certificate are not revoked ?

    You can extract the CRL in a text file and then look for your NPS / DC's certificate serial number if they are present

    certutil -dump C:\Temp\MyCRL.crl > C:\Temp\MyCRLExtract.txt

    0 comments No comments