I have a UAC test environment with an EX2200 (12.3R2.5), SRX100 (12.1X45-D15.5), and a UAC (DTE) server (4.4r6.0). The latter is connected to a Windows 2008R2 Active Directory.
I got everything working, but I keep running into a certificate error when I try to connect a Windows 7 client (with all the patches etc. up till today) with Pulse on a dot1x connected port (on the EX2200).
The certificate on the UAC is issued from an Internal CA, and this CA is set as a Trusted Root Certification Authority on all domain members.
The FQDN of the UAC is uac.lan. When I connect with a browser from the same Windows client, I get NO certificate validation errors, so the basic setup is OK.
The Pulse Connection settings for 802.1x on the UAC are configured so that the client should accept ANY certificate issued by the internally trusted CA which issued the uac.lan certificate (I didn't type the ANY word, I left it blank, and ANY was automatically inserted).
The error on the Pulse client is that the server is not listed in the Trusted Server listing (on the UAC I presume), but I say it is.
Every time I try to connect to the network, I get the error. Even when I check the Remember Settings button. Somehow the Pulse client won't listen to the config of the UAC, and/or the user input.
When I add a L3 connection to the UAC, the authentication goes as expected. No warnings whatsoever.
Does anyone have any ideas on this?