Re: IAS Security
From: Roger (rludwig_at_ns.co.black-hawk.ia.us)
Date: 02/19/04
- Next message: Owen: "Re: Can you please help with assigning IP addresses on a wireless RADIUS network?"
- Previous message: Ashwin Philar: "Re: 802.1X Client Certificates Only Loggin Into Local Machine"
- In reply to: Roger: "Re: IAS Security"
- Next in thread: Sam Salhi [MSFT]: "Re: IAS Security"
- Reply: Sam Salhi [MSFT]: "Re: IAS Security"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 19 Feb 2004 13:03:34 -0600
In further testing I find that the RAS tries 10 times to get authorization
before it quits. In looking at the log, I get the error below 10 times, and
looking at the security log, I get 10 successful logins and 10 successful
logouts.
Is there somewhere else a need to authorize the user to make this work? I
have allowed access on the Remote Access Permission.
Thanks
Roger
"Roger" <rludwig@ns.co.black-hawk.ia.us> wrote in message
news:uvljjXu9DHA.2524@TK2MSFTNGP11.phx.gbl...
>
>
> Thanks for the reply. This is the error that I have been getting.
> Access request for user administrator was discarded.
>
> Fully-Qualified-User-Name = DOMAIN\administrator
>
> NAS-IP-Address = xxx.xx.0.7
>
> NAS-Identifier = <not present>
>
> Called-Station-Identifier = <not present>
>
> Calling-Station-Identifier = 12.219.17.183
>
> Client-Friendly-Name = Cisco
>
> Client-IP-Address = xxx.xx.0.7
>
> NAS-Port-Type = <not present>
>
> NAS-Port = 778
>
> Reason-Code = 6
>
> Reason = The server is unavailable.
>
>
> Also I will remove the users from that group. Just trying different
things.
>
> Thanks
>
> Roger
>
>
> "Ashwin Palekar(MS)" <ashwinp@online.microsoft.com> wrote in message
> news:%23CUJWGq9DHA.2856@TK2MSFTNGP10.phx.gbl...
> > What is the exact error shown the IAS event log?
> >
> > btw: should not add Users to RAS & IAS servers group. The IAS machine
> > account should be a member of the RAS & IAS servers group.
> >
> > --
> > --
> > ===========================================================
> > This posting is provided "AS IS" with no warranties and confers no
rights
> > ===========================================================
> >
> > "Roger" <rludwig1@mchsi.com> wrote in message
> > news:OKYrVMo9DHA.2064@TK2MSFTNGP11.phx.gbl...
> > > Hi,
> > >
> > > I have upgraded to W2K3 AD (mixed mode) and in the process have broken
> my
> > > W2K IAS authentication. I have enabled the IAS server in active
> directory
> > > and have added the users to the "RAS and IAS Servers" group and have
> given
> > > them dial in access. The IAS server is tracking other connections,
both
> > > from our RAS and PIX. I have looked at the activity log and there are
> > > current transactions for those connections that do not use AD to
verify.
> > >
> > > Any information would be appreciated.
> > >
> > > Thanks
> > >
> > > Roger
> > >
> > >
> >
> >
>
>
- Next message: Owen: "Re: Can you please help with assigning IP addresses on a wireless RADIUS network?"
- Previous message: Ashwin Philar: "Re: 802.1X Client Certificates Only Loggin Into Local Machine"
- In reply to: Roger: "Re: IAS Security"
- Next in thread: Sam Salhi [MSFT]: "Re: IAS Security"
- Reply: Sam Salhi [MSFT]: "Re: IAS Security"
- Messages sorted by: [ date ] [ thread ]
