Hi Team,
I am experiencing issues in every device upgraded to android 12 with the wpa2 enterprise WiFi. We are using EAP-TLS with the following configuration:
Certificate: Client certificate
Validate CA - Enabled
CA certificate: Company private root certificate
domain name: CN in radius server certificate (works with apple devices which caused issues historically with this config piece)
The device is not able to connect to the wireless network. The trust chain is of one level and just the root certificate signs the certificate of the clients and of the radius sevrer. We placed the root CA certificate in both CA certificate store and in the certificate store with wifi usage.
We did several tests, configuring different options but the wifi si not connecting, I have seen that several users are experiencing the same issue but none of their solution worked for us. Please help me!
Something that helped me recently was moving my 5GHz connection to upper band of 157 in my wireless router. Older lower band allocation in 5GHz wasn't detected. No issues for me with upper band allocation however. YMMV.
NetUnai said:
Hi Team,
I am experiencing issues in every device upgraded to android 12 with the wpa2 enterprise WiFi. We are using EAP-TLS with the following configuration:
Certificate: Client certificate
Validate CA - Enabled
CA certificate: Company private root certificate
domain name: CN in radius server certificate (works with apple devices which caused issues historically with this config piece)
The device is not able to connect to the wireless network. The trust chain is of one level and just the root certificate signs the certificate of the clients and of the radius sevrer. We placed the root CA certificate in both CA certificate store and in the certificate store with wifi usage.
We did several tests, configuring different options but the wifi si not connecting, I have seen that several users are experiencing the same issue but none of their solution worked for us. Please help me!
Click to expand...
Click to collapse
Hi, Where did you get Android 12 version for this device?
Related
My employer just purchased my group a set of WiFi Xooms, but our WiFi uses Juniper Odyssey to authenticate. Is there an Odyssey client available for Android? (I haven't been able to find one) Or is there a way to replicate the authentication process? I know it asks us for an RSA SecurID when we sign in on our laptops, but I can't get the Xoom to replicate this behavior.
Unfortunately, the only information regarding Android that I could find on Juniper's Knowledge Base is in regards to their Pulse VPN.
If all you're trying to do is connect to the internet, you could try setting up a computer that is connected to the network with internet connection sharing through a secondary ethernet adapter. Then you could use a wireless bridge to share the ICS-enabled connection to multiple XOOMs.
Thought I'd post here as we know how wonderfully prepared and responsive Motorola support is.
https://supportforums.motorola.com/thread/49113?tstart=0
I've connected to several Open and WEP/WPA protected Wifi networks with a VZW branded Xoom with 3G radio.
I'm stuck in the "Connecting" phase when using EAP TLS. I have correctly imported the PKCS #12 cert and entered the proper metadata.
Anyone else having this problem or have ideas on how to solve it?
same problem here. doesn't work in the company's wlan. do you have a solution?
Hey I am trying to connect my Android device to a WPA2-Enterprise network.
I have exported my CA certificate and changed the extension to *.p12 so that android can import it.
I connected my work laptop and check on the wireless properties it shows the following:
Security Type: WPA2-Enterprise
Encryption type: AES
Authentication Method: Certificate
After I imported my certificate and click on the wireless connection it only provides me with a EAP method, which my laptop does not use because when I switch from certificate to "Microsoft: Protected EAP (PEAP)". Since I don't have password to connect to the WPA2-Enterprise 802.1x wireless, I would imagine it would be the same on my Android device "I tried my phone and tablet"..only using my windows credentials to connect for example domain\username and pw.
Any ideas?
Maybe I need to convert the certificate instead of changing the extension to *.p12?
I tried using Wifi Advanced Editor from the Market but no luck....has anyone run into this type of situation where you use certificates and no EAP?
Anybody???
Sensation - MIUI, various from 1.11.25 to 2.1.13 - EAP Wifi problem
I too have suffered from this problem and dispite looking at various bulletin boards have found no solution. I have tried different kernels, advanced wifi configurator and have the same problem.
Frustratingly it is not always present as an issue, sometimes it will connect and others it will not. If I find any more info, I will update this post
Any update on this, also wanting to connect my Razr to my work network
Any updates on this?
Hi,
Here’s my situation – at my office they use Cisco IronPort to monitor and filter all internet requests. A transparent proxy is used on the network switches to direct port 80 traffic to the IronPort server. Initially only the browser on my phone would work as that is the only app that passes the correct authentication. All other apps fail to reach the internet. But the IronPort server can be configured to pass through a type of device if it can be identified. Using the IP address of my phone to filter the traffic logs, it seems that some apps pass “Windows Phone OS” in the data packets. And by adding “Windows Phone OS” to the IronPort exception list, those apps now work. But most apps still don’t work because they don’t include any windows phone identifier in the data packets. Can anyone provide any additional info on this subject or a possible solution?
Thanks.
bump... any ideas... anyone?
Use cellular data instead of your corporate network?
Use apps that use the new socket APIs, or connect to HTTP servers running on a port other than 80?
Complain to your IT people (commoditization of IT being what it is, I'm actually surprised by this restriction)?
See if you can get them using proxy authentication instead of packet inspection for authentication purposes (WP7 supports proxy authentication on WiFi)?
Find a job with an IT infrastructure that doesn't suck?
This started a couple of days ago, and I have now mitigated it with a couple of firewall rules on the VPN gateway, as well as shutting down the dhcpcd server on that server (which I don't need anyway, and which probably should have been stopped long ago).
My LAN has a raspberry pi 4 running their debian firmware that is configured as a VPN gateway. It connects my LAN via ProtonVPN to the internet. This gateway is set up with a static IP address (192.168.2.49) on the LAN, and is configured to use another RPI on my LAN to get its DNS (192.168.2.50).
My one month old running OOS 11 OnePlus8 is rooted with magisk, and I have blocked most of the google stuff from the internet using afwall, and suspended non-essential system services using greenify. When connected to my LAN, the phone has a static IP address (192.168.2.71), has its gateway set to the VPN gateway (192.168.2.49), and its DNS to my local rpi DNS (192.168.2.50).
DHCP on my LAN is provided by my router (192.168.2.1).
WIFI on my LAN is provided by an enterprise-grade tp-link hotspot.
Starting a few days ago, for reasons mysterious, when the phone connects to the LAN, the VPN gateway would promptly go offline. Because I run it headless, I would be forced to reboot it - which made diagnosis a bit of a pain. Finally, I found a log entry on the VPN gateway that informed me that my OnePlus was trying to claim the ip address of the VPN gateway as its own (192.168.2.49) in spite of being set to use 192.168.2.71. This duplicate IP was causing dhcpcd on the VPN gateway to immediately take down its eth0 interface. This would break ALL connectivity because I have wifi on that RPI disabled.
Prior to this problem involving the OnePlus, that RPI had been up continuously for over 400 days, so it should certainly be considered to be reliable at the job it does and almost certainly the problem is with the OnePlus.
So, for some reason the OnePlus is trying to assert its assigned gateway address as its IP rather than the 192.168.2.71 that is set, at least in some packet that it uses to announce itself; once it is connected it works properly (which means the right IP address is being used).
I have deleted, then re-created the wifi connection profile and doing that did not cause the problem to go away.
I have another RPI VPN gateway on my IOT VLAN (192.168.24.0/24). No DHCP is available on the VLAN (a security measure), and I do have a profile for the phone that allows it to connect to the VLAN. It works without issue there, but then dhcpcd has been and remains shut down on that RPI. I suppose I could start dhcpcd on that server and see if the phone then breaks it too. I won't do this unless there is some merit to doing so...if it would help find the basic problem.
As I say, shutting down dhcpcd and blocking all dhcp traffic to/from the LAN VPN gateway mitigated the problem. But that the problem could occur at all says something is wrong, and I'm pretty sure it isn't a problem on my network.
This seems most likely to be a bug in OnePlus firmware, though why it would manifest after a month is a mystery to me. Does anyone have any insight? Or does anyone have any suggestions for another place on XDA where this post might more appropriately be placed?
I was pretty sure no one would have any idea about this. I have mitigated it by turning off dhcpcd on the VPN gateway and I am not inclined to do a deeper dive; I have too much else to do.