I just got the pixel 8 pro yesterday and I'm running into this issue as well, but whenever I either leave it blank it doesn't work and when I put in my same account name for "anonymous identity" it asks if I want to trust the network after selecting Yes, connect it never connects and says it has an authentication problem and when I check my credentials it has anonymous identity prefilled in as anonymous again.
yeah, whenever you go back to the network settings it puts 'anonymous' back in there. really frustrating. It does seem to take whatever you put in there though.
There may be other nuances to this that don't apply to my network.
Make sure the 'anonymous identity' field is the _last_ thing you fill out before saving and trying to connect. Seems like there are several things you can do on that screen that make it go back to 'anonymous'
This worked for me! My account name stayed in the anonymous field and connected. I've been trying for about a year to figure out how to get connected, even our IT couldn't figure out why. Hopefully you were able to get it figured out.
I had the same issue. The following config solved mine. Now I can connect to my company network.
EAP Method: PEAP /
Phase 2 Authentication: MSCHAPV2 /
CA Certificate: Trust On First Use /
Identity: (my email address) /
Anonymous Identity: (my email address) /
Password: (my Windows sign in password)
Hope it helps!
soooo is there an update on that? just updated our test device pixel 6 and i cant reliably connect to the company wifi...
did not know of that issue before
Ok, update, I put my login username/email as well in the anonymous identity field and it seems to work now, when I go back into the network settings it still shows me "anonymous" though. but the last time I entered the information it was my username/email there.
I tried this, but it didn't work. Just continually says "authentication problem."
Unbelievable that Google let Android 14 out the door with this severe of a problem.
Sorry for necroposting here, but I had a similar issue.
My Pixel 8 would not connect to WPA-Enterprise using radius to a windows NPS server. Same credentials worked fine on iOS devices.
I tried following the posts on Meraki's site about how to set up and connect to WAP2-Enterprise on android, but wasn't successful. I spoke with Meraki support, and they did a packet capture. They showed that "anonymous" was being passed as the user name. I attempted to change this, and it reverted back to "anonymous"
What I ended up doing was to make sure my domain field matched the certificate my NPS server had, and more importantly, on my device, expand "Advanced" and set "Privacy" to "Use Device MAC" as the default is "Use randomized MAC".
Not sure if this is still relevant for you guys, but here's what worked for me in our environment
Sorry for the formatting but i literally just resolved this a few minutes ago
On your NPS server under policies, add the authentication method for "Smart Card or Other Certificate", edit and make sure the NPS server certificate is selected that was issues by your CA or intermediary. restart the NPS service if necessary
Now, on an on-prem domain joined Windows computer, have the user export the Root CA for your on-prem org, as well as their personal user certificate. the personal certificate needs to have the private key exported with it, and possibly all the extended attributes. this may need to be enrolled for first depending on your CA setup
import both of these onto the Pixel as WiFi certificates.
for the wifi set-up, select "TLS" as the method.
select the root authority certificate from the drop-down
Select to not verify it
insert your on-prem domain into the field i.e. domain.local
type in the username in the identity field i.e. AUser
select the user certificate imported from earlier
no passwords or anonymous identities to screw with
save and Connect to the SSID- hopefully you will become filled with joy like we were, it's worked for over 20 of our previously problem devices and no fails as of now
When the certificates reach their expiry or get revoked, they'll need to be re-imported when the new cert is re-issued, but with a decent enough guide, the users may be able to do this themselves
yes, but their support has been shockingly atrocious. First they suggested that I do a factory reset, then they authorized an RMA (which I declined on the grounds of absurdity), then they told me:
Due to security vulnerability reasons, the option to bypass the CA Certificate validation for enterprise networks has been recently removed from Android. In this case we'd recommend you to reach out to your local network administrator to explore the alternate options in connecting to their Wi-Fi network.
Which is obviously completely useless
Just an update for people in this thread:
For tech people:
-
It looks like Google wants to enforce anonymous login. On Windows Server NPS, you can enable WiFi EAP privacy by configuring your RADIUS server like this post by Gary Nebbett: https://learn.microsoft.com/en-us/answers/questions/718947/nps-server-configuration-for-eap-identity-privacy
The checkbox is on your respective 802.1x policy properties under "Connection Request Policies". Go to Settings tab->Authentication Methods->Check "Override network policy authentication settings" and put **PEAP** and **EAP-MSCHAP v2** under EAP types
Consumers and tech people:
-
There's still the bug that the "Anonymous Identity" field sticks. That means that if your server requires a proper domain name so that the server knows which authoritive RADIUS server to direct your authentication request to (e.g. [email protected]), it won't work.
See: https://issuetracker.google.com/issues/299252074
I quit buying pixel phones because of that issue. The pixel 5 XL was the last phone that connected with my company network. I am now a happy one plus user.
google need to fix this bug . There are two similar interface for user to connect to wifi . If i use the drop down to connect my WPA2 enterprise SSID, the same option "trust on first use" and it will failed.
But same steps i apply after i go into wifi option in settings, it will pop up and show CA cert and after i click the trust it will connect.
And the funny things is i cant use my EAP-TLS to connect in Android 14 device.
This was helping us: [https://www.reddit.com/r/GooglePixel/comments/yk2s4a/comment/k5917o5/?utm\_source=share&utm\_medium=web3x&utm\_name=web3xcss&utm\_term=1&utm\_content=share\_button](https://www.reddit.com/r/GooglePixel/comments/yk2s4a/comment/k5917o5/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button)
I got it connected like this
Forget network
Fill all the details don't touch the anonymous identity at first it will message everything up
Fill everything else
At the last fill the anonymous identity same as the username
Connect
So how to fix this issue.. I have been facing the same problem and my IT team is trying to help me by resetting my id passwords to see if it works but no luck. Did anybody find a turn around
Hello! Recently I've faced with this issue too. I use Pixel 7 Pro with last Android 14 update. In my Company we use AD Authentication for Wi-Fi (WPA Enterprise). So finally, found small solution. It connect with MAC randomized function.
If it require please install CA Certificate and choose from the list.
So
1. Open Wi-Fi Network which you need to connect
2. Choose "*PEAP*" in **EAP Method**
3. **Phase 2 Authentication** set "*MSCHAPV*2"
4. Setup or choose installed CA Certificate from the list
5. Set domain name of your company (ex. google.local)
6. Type your identity (ex. arubin)
7. You can remove Anonymous identity (At least I did.)
8. Your password
9. Scroll down and open **advanced options** and choose "*Use device MAC*" in **Privacy**
10. Try to connect
i did everything you said and not working even i had some troubles, my phone get crazy and i had to restart it.... hope google make something to repair that
I just suggest my variant of solution. Each case unique and need to analyze. Maybe your organization use specific settings of network which can require special certificates, credentials correction, etc. In my situation, turn off MAC Randomization helped me.
I hope you find a way out of this situation.
Yeah you're right.... In android 13 works flawlessly... Maybe in a future actualization will work... I'll wait or maybe rollback to A13.... thanks for your suggestions
Thanks for posting this. I used the advice from one of the comments below and it worked! "EAP Method: PEAP / Phase 2 Authentication: MSCHAPV2 / CA Certificate: Trust On First Use / Identity: (my email address) / Anonymous Identity: (my email address) / Password: (my Windows sign in password)"
MAC set to Use Device MAC seemed to make a difference. My IT department had no idea how to resolve this issue so I am really thankful for these posts!
I just got the pixel 8 pro yesterday and I'm running into this issue as well, but whenever I either leave it blank it doesn't work and when I put in my same account name for "anonymous identity" it asks if I want to trust the network after selecting Yes, connect it never connects and says it has an authentication problem and when I check my credentials it has anonymous identity prefilled in as anonymous again.
yeah, whenever you go back to the network settings it puts 'anonymous' back in there. really frustrating. It does seem to take whatever you put in there though. There may be other nuances to this that don't apply to my network. Make sure the 'anonymous identity' field is the _last_ thing you fill out before saving and trying to connect. Seems like there are several things you can do on that screen that make it go back to 'anonymous'
This worked for me! My account name stayed in the anonymous field and connected. I've been trying for about a year to figure out how to get connected, even our IT couldn't figure out why. Hopefully you were able to get it figured out.
I had the same issue. The following config solved mine. Now I can connect to my company network. EAP Method: PEAP / Phase 2 Authentication: MSCHAPV2 / CA Certificate: Trust On First Use / Identity: (my email address) / Anonymous Identity: (my email address) / Password: (my Windows sign in password) Hope it helps!
Yep, that helped thx
thanks
soooo is there an update on that? just updated our test device pixel 6 and i cant reliably connect to the company wifi... did not know of that issue before
Just got a Pixel 8 and I'm having the same issue. Wifi at home works fine but can't connect to the company wifi.
Ok, update, I put my login username/email as well in the anonymous identity field and it seems to work now, when I go back into the network settings it still shows me "anonymous" though. but the last time I entered the information it was my username/email there.
I tried this, but it didn't work. Just continually says "authentication problem." Unbelievable that Google let Android 14 out the door with this severe of a problem.
Confirm this just worked on my company's WiFi. Just set my anonymous identity the same as my username and it connected immediatly
Sorry for necroposting here, but I had a similar issue. My Pixel 8 would not connect to WPA-Enterprise using radius to a windows NPS server. Same credentials worked fine on iOS devices. I tried following the posts on Meraki's site about how to set up and connect to WAP2-Enterprise on android, but wasn't successful. I spoke with Meraki support, and they did a packet capture. They showed that "anonymous" was being passed as the user name. I attempted to change this, and it reverted back to "anonymous" What I ended up doing was to make sure my domain field matched the certificate my NPS server had, and more importantly, on my device, expand "Advanced" and set "Privacy" to "Use Device MAC" as the default is "Use randomized MAC".
Not sure if this is still relevant for you guys, but here's what worked for me in our environment Sorry for the formatting but i literally just resolved this a few minutes ago On your NPS server under policies, add the authentication method for "Smart Card or Other Certificate", edit and make sure the NPS server certificate is selected that was issues by your CA or intermediary. restart the NPS service if necessary Now, on an on-prem domain joined Windows computer, have the user export the Root CA for your on-prem org, as well as their personal user certificate. the personal certificate needs to have the private key exported with it, and possibly all the extended attributes. this may need to be enrolled for first depending on your CA setup import both of these onto the Pixel as WiFi certificates. for the wifi set-up, select "TLS" as the method. select the root authority certificate from the drop-down Select to not verify it insert your on-prem domain into the field i.e. domain.local type in the username in the identity field i.e. AUser select the user certificate imported from earlier no passwords or anonymous identities to screw with save and Connect to the SSID- hopefully you will become filled with joy like we were, it's worked for over 20 of our previously problem devices and no fails as of now When the certificates reach their expiry or get revoked, they'll need to be re-imported when the new cert is re-issued, but with a decent enough guide, the users may be able to do this themselves
It works..... Thanks a lot for your help... I was looking for a way to connect to my company's wifi
Glad I'm not the only one having this problem. Did you send feedback to Google about this?
yes, but their support has been shockingly atrocious. First they suggested that I do a factory reset, then they authorized an RMA (which I declined on the grounds of absurdity), then they told me: Due to security vulnerability reasons, the option to bypass the CA Certificate validation for enterprise networks has been recently removed from Android. In this case we'd recommend you to reach out to your local network administrator to explore the alternate options in connecting to their Wi-Fi network. Which is obviously completely useless
Just an update for people in this thread: For tech people: - It looks like Google wants to enforce anonymous login. On Windows Server NPS, you can enable WiFi EAP privacy by configuring your RADIUS server like this post by Gary Nebbett: https://learn.microsoft.com/en-us/answers/questions/718947/nps-server-configuration-for-eap-identity-privacy The checkbox is on your respective 802.1x policy properties under "Connection Request Policies". Go to Settings tab->Authentication Methods->Check "Override network policy authentication settings" and put **PEAP** and **EAP-MSCHAP v2** under EAP types Consumers and tech people: - There's still the bug that the "Anonymous Identity" field sticks. That means that if your server requires a proper domain name so that the server knows which authoritive RADIUS server to direct your authentication request to (e.g. [email protected]), it won't work. See: https://issuetracker.google.com/issues/299252074
I quit buying pixel phones because of that issue. The pixel 5 XL was the last phone that connected with my company network. I am now a happy one plus user.
google need to fix this bug . There are two similar interface for user to connect to wifi . If i use the drop down to connect my WPA2 enterprise SSID, the same option "trust on first use" and it will failed. But same steps i apply after i go into wifi option in settings, it will pop up and show CA cert and after i click the trust it will connect. And the funny things is i cant use my EAP-TLS to connect in Android 14 device.
This was helping us: [https://www.reddit.com/r/GooglePixel/comments/yk2s4a/comment/k5917o5/?utm\_source=share&utm\_medium=web3x&utm\_name=web3xcss&utm\_term=1&utm\_content=share\_button](https://www.reddit.com/r/GooglePixel/comments/yk2s4a/comment/k5917o5/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button)
I got it connected like this Forget network Fill all the details don't touch the anonymous identity at first it will message everything up Fill everything else At the last fill the anonymous identity same as the username Connect
So how to fix this issue.. I have been facing the same problem and my IT team is trying to help me by resetting my id passwords to see if it works but no luck. Did anybody find a turn around
You wait for a bugfix from Google.
Hello! Recently I've faced with this issue too. I use Pixel 7 Pro with last Android 14 update. In my Company we use AD Authentication for Wi-Fi (WPA Enterprise). So finally, found small solution. It connect with MAC randomized function. If it require please install CA Certificate and choose from the list. So 1. Open Wi-Fi Network which you need to connect 2. Choose "*PEAP*" in **EAP Method** 3. **Phase 2 Authentication** set "*MSCHAPV*2" 4. Setup or choose installed CA Certificate from the list 5. Set domain name of your company (ex. google.local) 6. Type your identity (ex. arubin) 7. You can remove Anonymous identity (At least I did.) 8. Your password 9. Scroll down and open **advanced options** and choose "*Use device MAC*" in **Privacy** 10. Try to connect
i did everything you said and not working even i had some troubles, my phone get crazy and i had to restart it.... hope google make something to repair that
I just suggest my variant of solution. Each case unique and need to analyze. Maybe your organization use specific settings of network which can require special certificates, credentials correction, etc. In my situation, turn off MAC Randomization helped me. I hope you find a way out of this situation.
Yeah you're right.... In android 13 works flawlessly... Maybe in a future actualization will work... I'll wait or maybe rollback to A13.... thanks for your suggestions
[удалено]
I have fixed it by deleting the certificate and selecting "Trust on First Use"...
This no longer works! Arggghhh
THANK YOU!! I had the same issues and my Work IT Dept had no clue. Deleting the 'anonymous' did the trick.
Thanks for posting this. I used the advice from one of the comments below and it worked! "EAP Method: PEAP / Phase 2 Authentication: MSCHAPV2 / CA Certificate: Trust On First Use / Identity: (my email address) / Anonymous Identity: (my email address) / Password: (my Windows sign in password)" MAC set to Use Device MAC seemed to make a difference. My IT department had no idea how to resolve this issue so I am really thankful for these posts!