Re: 802.1x and DHCP Failure

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: RogerC (rojoch_at_NOSPAMtiscali.co.uk)
Date: 04/23/04 

Date: Fri, 23 Apr 2004 23:41:47 +0100

Hi anonymous,
I am now working and obtaining an ip address's correctly - but don't ask me
how!
I went through the setup of IAS, Client, AP so many times I don't know what
was the factor that got me going.
I cannot break it and get back to the position where both computer and user
authenticate ok but don't get an IP. I will go through my setup and post
the settings I am using when I get time.
Are you using Dlink AP's? It might help knowing this to see if it common
with them.
Regards,
RogerC

<anonymous@discussions.microsoft.com> wrote in message
news:2abd01c42864$573b4800$a401280a@phx.gbl...
> Did you solved this problem, the same things is happening
> to me. I'm Using a netgear ME103 AP win w2k3m, IAS.
> Thanks,
> >-----Original Message-----
> >Hi,
> >I am trying to setup radius authentication. Having
> failed on our production
> >network I have set up a test setup consisting of a 2003
> standard sever and a
> >laptop running XP sp1.
> >I have applied all service packs/updates I can find.
> >I have tried both Dlink 900AP and 2000AP's and Dlink
> 650+ & G650 PCMCIA
> >cards, all with the latest drivers.
> >The laptop logs on and obtains an ip address correctly
> using a wired
> >connection.
> >
> >When connecting by wireless I always get an Automatic
> Private IP Addressing
> >(APIPA)
> >
> >In the TechNet article "Troubleshooting Windows XP IEEE
> 802.11 Wireless
> >Access" it states:
> >"If the wireless adapter has an Automatic Private IP
> Addressing (APIPA)
> >address (169.254.0.0/16) or the configured alternate IP
> address, then
> >authentication has failed and the Windows XP wireless
> client is still
> >associated with the wireless AP" but the IAS log and AP
> log indicate that
> >authentication was successful.
> >I have tried everything but to no avail!
> >Any help greatly appreciated!
> >
> >RogerC
> >Test setup:-
> >The test domain is 'ROGERDOM', server 'win2k3s' and
> laptop 'ROGERLAP' and
> >user logon of rogerc.
> >Server Event Log entries:
> >
> >Event Type: Information
> >Event Source: IAS
> >Event Category: None
> >Event ID: 1
> >Date: 11/04/2004
> >Time: 01:04:34
> >User: N/A
> >Computer: WIN2K3S
> >Description:
> >User host/ROGERLAP.rogerdom.com was granted access.
> > Fully-Qualified-User-Name =
> rogerdom.com/Computers/ROGERLAP
> > NAS-IP-Address = 192.168.8.50
> > NAS-Identifier = MY-DWL-900AP+
> > Client-Friendly-Name = 900AP
> > Client-IP-Address = 192.168.8.50
> > Calling-Station-Identifier = 00-80-C8-07-11-47
> > NAS-Port-Type = Wireless - IEEE 802.11
> > NAS-Port = 0
> > Proxy-Policy-Name = Use Windows authentication for all
> users
> > Authentication-Provider = Windows
> > Authentication-Server = <undetermined>
> > Policy-Name = WIRELESS access policy
> > Authentication-Type = PEAP
> > EAP-Type = Secured password (EAP-MSCHAP v2)
> >
> >Event Type: Information
> >Event Source: IAS
> >Event Category: None
> >Event ID: 1
> >Date: 11/04/2004
> >Time: 01:08:02
> >User: N/A
> >Computer: WIN2K3S
> >Description:
> >User ROGERDOM\rogerc was granted access.
> > Fully-Qualified-User-Name = rogerdom.com/My Users/Roger
> xxxxxx
> > NAS-IP-Address = 192.168.8.50
> > NAS-Identifier = MY-DWL-900AP+
> > Client-Friendly-Name = 900AP
> > Client-IP-Address = 192.168.8.50
> > Calling-Station-Identifier = 00-80-C8-07-11-47
> > NAS-Port-Type = Wireless - IEEE 802.11
> > NAS-Port = 0
> > Proxy-Policy-Name = Use Windows authentication for all
> users
> > Authentication-Provider = Windows
> > Authentication-Server = <undetermined>
> > Policy-Name = WIRELESS access policy
> > Authentication-Type = PEAP
> > EAP-Type = Secured password (EAP-MSCHAP v2)
> >
> >AP log:
> >
> >Apr/13/2004 00:03:04 Send Accounting login message
> ROGERDOM\rogerc
> >Apr/13/2004 00:03:03 Authentication success 00-80-C8-07-
> 11-47
> >Apr/13/2004 00:03:03 EAP-Success 00-80-C8-07-11-47
> >Apr/13/2004 00:02:53 EAP-Response/Identity
> ROGERDOM\rogerc
> >Apr/13/2004 00:02:53 EAP-Request/Identity
> >Apr/13/2004 00:02:53 Wireless PC connected 00-80-C8-07-
> 11-47
> >Apr/13/2004 00:02:45 EAP-Response/Identity
> ROGERDOM\rogerc
> >
> >
> >
> >
> >
> >.
> >

Relevant Pages

  • RE: Wireless Security Notes and Findings (from this list and other places)
    ... There are two general areas of wireless security: Authentication and ... authentication standard that works with wireless networks. ... client computer runs a client program to connect to the network with a ...
    (Security-Basics)
  • Re: 802.11x authentication using MicroSoft AD/IAS..
    ... > I need to setup a wireless network with 802.11x authentication. ... In IAS, set up a new RADIUS client. ...
    (microsoft.public.internet.radius)
  • Re: AT&T WiFi at McDonalds, etc
    ... has a functional authentication server, such as AT&T obviously does, ... can also provide RADIUS based authentication, ... wireless client has no problem using. ... enable WPA-RADIUS in their wireless access points. ...
    (alt.internet.wireless)
  • Re: Wireless WPA on SBS not authenticating
    ... Everything needs to match exactly - for example, WPA and WPA2 are not interchangeable, nor are TKIP and AES. ... Failing that, you could try updating the NIC drivers on the wireless client, and also maybe trying a different wireless client or NIC. ... I've had some weird authentication issues with Intel wireless NICs, sometimes helped by a driver update, but I did have to replace one. ...
    (microsoft.public.windows.server.sbs)
  • RE: HELP! Error /w Wireless Client Connecting to Win2003 Server /w IAS
    ... Reason = The client could not be authenticated because the Extensible ... Authentication Protocol Type cannot be processed by the server. ... > The wireless client system goes to authenticate with windows ...
    (microsoft.public.security)