When configuring Active Directory based authentication on WiNG you may experience issues with (some) clients.
First of all confirm your configuration is compliant with How to set internal RADIUS server on WiNG with LDAP based authentication?
Make sure that BIND DN account is member of Domain Admin
Confirm that LDAP agent (BIND DN
) is joined with domain controller correctly under Statistics - System - select device acting as RADIUS server - LDAP Agent Status
TIP: Make sure the domain name is correct checking 1B parameter on a PC using command below
C:\Users\> nbtstat -a <IP of LDAP server>
Node IpAddress: [w.x.y.z] Scope Id: 
NetBIOS Remote Machine Name Table
Name Type Status
EXTRBRNO <1B> UNIQUE Registered
If LDAP agent
is unable to join the domain, make sure it is not affected by this case - Why does Windows server not respond to NBNS to different subnet?
Then make sure you selected Authentication type of PEAP-MS-CHAPv2 under Services - RADIUS - Policy - Server Policy
If there is still an issue try to disable
LDAP group verification
In case when all above fails and supplicant is still unable to authenticate make sure that you use wireless network profile using proper authentication type. For Windows clients you may find some MSDN articles describing how to do this.