Skip to content

EasyRadius FAQ

EAP-TLS Authentication Troubleshooting

Windows Devices

Common Issues

  • Certificate not found in personal store
  • Wrong certificate selected for authentication
  • Network adapter configuration problems
  • RADIUS server connectivity issues
  • TPM broken - try storing client certificate in software store

Troubleshooting Steps

  • Certificate Verification:

    • Open certmgr.msc
    • Check Personal store for client certificate
    • Verify certificate chain is valid
    • Confirm certificate has Client Authentication EKU

  • Network Configuration:

    • Check WLAN/LAN profile settings
    • Verify EAP-TLS settings
    • Confirm RADIUS server details
    • Test basic network connectivity

  • Event Viewer:

    • Check System logs
    • Review Network category events
    • Look for EAP/RADIUS errors

iOS/iPadOS Devices

Common Issues

  • Profile installation failures
  • Certificate trust issues
  • Wi-Fi profile misconfiguration
  • Authentication timeouts

Troubleshooting Steps

  1. Profile Verification:

    • Check Settings > General > Profiles
    • Verify certificate installation
    • Confirm profile is trusted
    • Review Wi-Fi configuration

  2. Network Settings:

    • Remove and re-add network profile
    • Verify EAP-TLS settings
    • Check server certificate validation
    • Test with different networks

  3. Diagnostics:

    • Check Settings > Wi-Fi logs
    • Review profile installation logs
    • Test with Apple Configurator

Android Devices

Common Issues

  • Certificate storage location problems
  • Network security type selection
  • CA certificate trust issues
  • EAP configuration errors

Troubleshooting Steps

  1. Certificate Management:

    • Check Settings > Security > Certificates
    • Verify certificate installation location
    • Confirm certificate permissions
    • Test with system/user certificates

  2. Wi-Fi Settings:

    • Use WPA2/WPA3-Enterprise
    • Select EAP-TLS method
    • Choose correct client certificate
    • Verify server validation

  3. Advanced Diagnostics:

    • Enable Developer Options
    • Check Wi-Fi verbose logging
    • Review system logs
    • Test with different Android versions

Network Equipment Configuration

Common Issues

  • Wrong RADIUS server IP/port
  • Incorrect shared secret
  • Missing RADIUS attributes
  • Certificate validation failures

Troubleshooting Steps

  1. RADIUS Configuration:

    • Verify server IP and port (default: 1812)
    • Check shared secret matches
    • Confirm NAS identifier
    • Test with RADIUS test tools

  2. Certificate Settings:

  3. Review root CA trust
  4. Check certificate revocation
  5. Verify OCSP/CRL access

  6. Test with different certificates

  7. Network Settings:

    • Check VLAN configuration
    • Verify authentication timeout
    • Review logging settings
    • Test basic connectivity

General Tips

  1. Always verify:

    • Certificate validity dates
    • Certificate key usage flags
    • Network connectivity
    • RADIUS server status

  2. Common solutions:

    • Reinstall client certificate
    • Reset network settings
    • Clear cached credentials
    • Update device OS

  3. Getting Support:

    • Collect relevant logs
    • Document exact error messages
    • Note device details
    • Contact support@just-software.com