I ́ve updated 3 devices to 11.4.106 and now I have problems with the authentication with 802.1x. The igels have a certificate from a ms-scep-server, they ́ve got a valid certificate, but authentification fails. With 11.3.X no problems
The subject of the certificate for 11.3.X Looks like this: subject= /C=NL/ST=OV/L=Almelo/O=ETC/OU=IT/CN=http://NL02ITC-20008.EXT.ENRITEC.COM NL02ITC-20008.EXT.ENRITEC.COM
The subject of the certificate for 11.4.X Looks like this: subject=C = NL, ST = OV, L = Almelo, O = ETC, OU = IT, CN = NL02ITC-20008.EXT.ENRITEC.COM NL02ITC-20008.EXT.ENRITEC.COM
This is the only change I see. Is this a bug or is my config not correct?
Thanks
I can confirm that 802.1x isn’t working for me on 11.04.100. Today is the first day I have been in the office with one that has been converted in order to test.
however, the subject of the cert on 11.3.X for me is a little different. Mine has no slashes. It is identical to the 11.04.X except the 11.04.x has spaces like shown by @member
so instead of being like: C=US, ST=IN, L=Wabash, O=Beacon Credit Union, OU=IT, CN=DNSName
it is C = US, ST = IN, L = Wabash, O = Beacon Credit Union, OU = IT, CN = DNSName
Correct. Copied the line out of putty
Our Network Engineer is saying it never even tries to authenticate with the network.
looking at journalctl I see some network_man and nm_lan lines that contain ‘801-1x.identity: property is missing’
I tried recreating the SCEP certificate policy and the 802.1x policy and it didn’t help
These two lines appear to possibly causing an issue.
(see the screenshot inside the IGEL Community on Slack, join below)
this is from a device with 11.03.110 on it
I’ll open a ticket either later tonight or in the morning
Ticket Opened ITRS#2020082710000923 – Hopefully, support will have an idea how to fix.
This is the CSR, so yeah, something wrong there.
However, I think it is something more than that. If you look at the certificate I posted above, even the Issuer had those extra spaces. So I don’t think it is with the CSR creation, but rather with something that is reading the file.
Thanks for being so active on this 🙂
The new firmware 11.04.112 does fix this issue. I just tested it and 802.1x authentication is working
It is working fine now, Thanks
Continue reading and comment on the thread ‘IGEL OS authentication with 802.1x issues’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!
Popular Message Threads
- How to Install IGEL OS via a Bootable USB Drive
- How to change the default IGEL UMS admin password?
- Citrix connection via Netscaler Error: “AM_ERROR_AUTH_NETWORK_ERROR[65275]” on IGEL OS
- Receiving error: “Citrix Receiver cannot create a secure connection in this browser” when launching a secure connection from Firefox on IGEL OS
- Error connecting to Citrix StoreFront “Error adding store: Http error[302]”
- Where to delete the certificates that cause ‘invalid certificate’ when trying to import an IGEL into UMS?
- After upgrading to IGEL OS 11.04.200.01 my Citrix Storefront configuration does not work anymore – Error adding store: AM_ERROR_AUTH_NETWORK_ERROR[65275]