Re: problem with 802.1x authenticating
From: Jan-Erik (Jan-Erik.179d52_at_mail.webservertalk.com)
Date: 06/02/04
- Next message: Ashwin Palekar\(MS\): "Re: EAP-TLS Authentication question"
- Previous message: James McIllece [MS]: "Re: ias event id 3"
- In reply to: Niklas: "Re: problem with 802.1x authenticating"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 2 Jun 2004 18:30:52 -0500
Hi again,
When I read your information, you said that you have got a certificate
to the client??? If you are using ms-chap it is one server certificate
for the IAS that you must have, as I know.
I am sure that you have checked that you are using the same 802.1X
auth, method at client and IAS several times :-)
Can you try to use eap-tls (cert at both IAS and client). I am using it
and it works fine now. I have had problems and it was the IAS server
that was corrupted. I saw it in the IAS logs, when I restarted the IAS
Server. /Jan-Erik
Niklas wrote:
> *well it was easier said then done to find any useful information in
> these
> logs :)
> I got a few log files but none seems to be obviously wrong.
> the only thing I could see that had anything to do with an error was
> in the
> RASTLS.LOG
> [3728] 16:02:38:335: EapTlsSMakeMessage
> [3728] 16:02:38:335: MakeReplyMessage
> [3728] 16:02:38:335: SecurityContextFunction
> [3728] 16:02:38:335: AcceptSecurityContext returned 0x0
> [3728] 16:02:38:335: AuthenticateUser
> [3728] 16:02:38:335: QueryContextAttributes failed and returned
> 0x8009030e
> [3728] 16:02:38:335: Got no credentials from the client and executing
> PEAP.
> This is a success for eaptls.
> [3728] 16:02:38:335: CreateMPPEKeyAttributes
> [3728] 16:02:38:335: State change to SentFinished
> [3728] 16:02:38:335: Negotiation successful
>
> What does it mean "This is a success for eaptls"? I using ms-chap v2
> not
> eap-tls
>
> thanks
> /Niklas
>
> "Jan-Erik" <Jan-Erik.177igq@mail.webservertalk.com> wrote in message
> news:Jan-Erik.177igq@mail.webservertalk.com...
> >
> > Hi Niklas,
> > Have you enabled tracing at the IAS?
> > Command: netsh ras set tracing * enabled
> >
> > Then you can see much more of what happens in the "background".
> > You can also look in the Wireless Monitor snap-in for the MMC at
> the XP
> > computer.
> >
> > It has helped me :-) /Jan-Erik
> >
> > Niklas wrote:
> >
> >
> >
> > --
> > Jan-Erik
> >
> ------------------------------------------------------------------------
> > Posted via http://www.webservertalk.com
> >
> ------------------------------------------------------------------------
> > View this thread: http://www.webservertalk.com/message247391.html
> > *
-- Jan-Erik ------------------------------------------------------------------------ Posted via http://www.webservertalk.com ------------------------------------------------------------------------ View this thread: http://www.webservertalk.com/message247391.html
- Next message: Ashwin Palekar\(MS\): "Re: EAP-TLS Authentication question"
- Previous message: James McIllece [MS]: "Re: ias event id 3"
- In reply to: Niklas: "Re: problem with 802.1x authenticating"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
