Validating Certificate on Server

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: PedroRibeiro (pmribeiro_at_fe.ucp.pt)
Date: 06/22/04

  • Next message: CB: "IAS And RRAS" 
    Date: Tue, 22 Jun 2004 05:06:46 -0700

    Although i've installed a computer certificate (through a
    local CA - which is the domain controller) on the IAS
    server, I can't make authentication when the "Validate
    Server Certificate" option on the PEAP Properties of WinXP
    supplicant is activated.
    I receive an error on the IAS server:

    User wifiuser@my-domain.com was denied access.
     Fully-Qualified-User-Name = my-domain/WifiUsers/wifiuser
     NAS-IP-Address = 192.168.192.252
     NAS-Identifier = <not present>
     Called-Station-Identifier = 000f.f7a7.d6e0
     Calling-Station-Identifier = 0004.238a.542d
     Client-Friendly-Name = cisco1100-test
     Client-IP-Address = 192.168.192.252
     NAS-Port-Type = Wireless - IEEE 802.11
     NAS-Port = 14074
     Proxy-Policy-Name = Wifi Users
     Authentication-Provider = Windows
     Authentication-Server = <undetermined>
     Policy-Name = Wifi Auth
     Authentication-Type = PEAP
     EAP-Type = <undetermined>
     Reason-Code = 262
     Reason = The supplied message is incomplete. The
    signature was not verified. 

    ----
Can you guys give me a hint on whats wrong??
Thanks a lot.
  • Next message: CB: "IAS And RRAS"

    Relevant Pages

    • Re: 802.1x Wired Auth and Authentication
      ... is installed on the NPS or IAS server rejected the connection request. ... This means that you have an IAS authentication extension DLL installed. ...
      (microsoft.public.internet.radius)
    • Re: Aironet 1200/Radius Help Needed
      ... I just fired up a W2003 Advanced Server so that I can take ... >> IAS servers (do I need a separate certificate for the secondary IAS ... >> of authentication since it involves just installing the certificate on ... >between the AP and the client. ...
      (microsoft.public.internet.radius)
    • Re: enterprise RADIUS
      ... How many clients can the IAS radius servers support? ... IAS scales up from Corporate to large ISP deployments. ... If the VPN server supports EAP (the same authentication protocol used by 802.1x), then install a ACE agent on the IAS server; and configure the agent to use the ACE server. ...
      (microsoft.public.internet.radius)
    • Re: 802.1x Wired Auth and Authentication
      ... How do I see where/what the IAS auth extension is? ... is installed on the NPS or IAS server rejected the connection request. ... This means that you have an IAS authentication extension DLL installed. ...
      (microsoft.public.internet.radius)
    • Re: Authentication forwarding to Active Directory
      ... for the Dot1x machine authentication. ... usually we would use 2 radius server. ... and one for the radius authentication of the components. ... > In order for IAS to query its "local SAM database" instead of AD, ...
      (microsoft.public.internet.radius)