RADIUS Server Certificate Issue

[TheRealOranges]

Ok so I recently set up a RADIUS server on my pfSense router based on the FreeRADIUS 3 package and it worked fine until I created a new radius server certificate and deleted the old default one. Now, all my Unix based clients prompted me to check the new cert when I tried to connect but all of my Windows clients simply said "Unable to connect to network" after authentication. I wonder if I have to delete the old certificate but I didn't need to download the certificate at the very start. Help? Anyone?

[Sir Asvald]

Are all your devices on the same network? and do all of them point back to the PfSense router?

[TheRealOranges]

Yes. My network is set up such that the Wireless AP is connected to a switch which is then connected to the pfSense router. All clients mentioned are connected to the Wireless AP. No VLANs are set up. I believe this is a certificate issue.

[Sir Asvald]

1 minute ago, TheRealOranges said:

Yes. My network is set up such that the Wireless AP is connected to a switch which is then connected to the pfSense router. All clients mentioned are connected to the Wireless AP. No VLANs are set up. I believe this is a certificate issue.

Can you ping the router and the radius server from your client PCs?

 

Also, please quote so I I know you've replied. 

[TheRealOranges]

Just now, Abdul201588 said:

Can you ping the router and the radius server from your client PCs?

 

Also, please quote so I I know you've replied. 

Sorry, ok I am using the pfSense router as my RADIUS server and yes i can ping my router. Just to clarify, the Unix based clients can connect.

[Sir Asvald]

1 minute ago, TheRealOranges said:

Sorry, ok I am using the pfSense router as my RADIUS server and yes i can ping my router. Just to clarify, the Unix based clients can connect.

So you're having issues with your Windows based clients? Are you entering the correct password and username for the radius server?

[GrayFox1991]

Is the root CA of the new cert on your clients?

[TheRealOranges]

10 minutes ago, Abdul201588 said:

So you're having issues with your Windows based clients? Are you entering the correct password and username for the radius server?

Yes I believe so

[TheRealOranges]

Just now, GrayFox1991 said:

Is the root CA of the new cert on your clients?

No I changed the CA

[GrayFox1991]

8 minutes ago, TheRealOranges said:

No I changed the CA

So isn't the issue that the Clients don't trust the new cert as they do not recognise the CA.
What happens when you install the CA's cert under the "Trusted Root Certification Authorities"?

[TheRealOranges]

9 minutes ago, GrayFox1991 said:

Is the root CA of the new cert on your clients?

i added this to my windows PC and it still refused to connect

[GrayFox1991]

Do you get any log entries from the Windows PC or RADIUS server when you initiate a connection?

[TheRealOranges]

The radius server doesn't show a failed authentication nor a successful one

15 minutes ago, GrayFox1991 said:

Do you get any log entries from the Windows PC or RADIUS server when you initiate a connection?

 

[TheRealOranges]

help?