Problems connecting a Photon to a WPA2-Enterprise network

I’m writing in order to get some help with the network configuration in a Photon. One of our customers has a WPA2-Enterprise Network and we have been requested to connect the devices to it.
We have been doing severals test with the client but the devices haven’t been able to connect to the internet.

The procedure has been the same that appears in particle documentation:

  1. We select the EAP type: this company uses the PEAP/MSCHAPv2 Login
  2. We provide the username and the password
  3. In Outer Identity: we have tested with this parameter blank and tested with this parameter with the username
  4. Root CA in PEM format: the client hasn’t been able to shared the certificate, so we select the option “n”

At first, if we did no enter the CA, the configuration wasn’t successful and it shows us a Time Out message.
The client did some changes in their network and we tried again the configuration. The steps were the same as I mentioned above, this time it could conclude the configuration (with the Outer Identity blank and without CA), the Photon restarted and began to search for the network. Immediately, it went to Listening Mode.

We have been asking to the client to provide us the CA certification to tried the configuration with that parameter, but it hasn’t been possible.

The client got information through the network access logs after we did the tests and they are telling us that the device isn’t compatible with this type of network.

I wonder if there’s something else we are missing (besides the CA certificate) to make the configuration correctly.
The following images attached, present how the procedure to connect the device to the cloud has been done so far
and the logs the client got when we tried to reach the network.

I would appreciate any help in this situation.

The CA certificated is optional. The purpose is to prevent another server from being able to spoof the authentication server, causing you to submit credentials to the wrong server. Answering no to that question is fine.

From the message “rim_mschap: user USR_Vial authentication failed” it looks like the authentication failed. A few possibilities come to mind:

  • The password is actually incorrect (probably not the case here)
  • The password is longer than 64 characters (does not look like it from the screenshot)
  • The password contains characters that are not 7-bit ASCII, such as accented characters (does not appear to be the case)
  • The username is incorrect. It possible that the RADIUS server is expecting something other than Microsoft Active Directory style domain\username syntax, but it doesn’t really look like it from the log because it seems to be picking out the domain correctly.
  • The outer identity is supposed to be something else. It’s usually blank, and sometimes the username. Did you try just the username without the "domain" part? I’m not particularly confident this will work, but it’s worth a try.
  • The Photon really is not compatible with that WPA2-Enterprise network.
1 Like

this is from uncle google