Re: Got PEAP working, trying for EAP-TLS, need some help

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Hi,

It looks like either EAP-TLS is not configured on client or on server. Can
you make sure that BOTH are confgured to use EAP-TLS?

Thx.


--
This posting is provided "AS IS" with no warranties, and confers no rights.
OR if you wish to include a script sample in your post please add "Use of
included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm";

Please do not send e-mail directly to this alias.
This alias is for newsgroup purposes only.
====================================
"John Smith" <na@xxxxxx> wrote in message
news:eJGbO2uZFHA.2996@xxxxxxxxxxxxxxxxxxxxxxx
> I have a working setup with PEAP, and am trying to get EAP-TLS working, I
> have computer and user certificates on the client and computer certificate
> on the server. When I connect with the client I get the below.
>
>
>
> The root certificate is "trusted" on both the client and server, and the
> chain shows up with no problems if I click on any of the certs. Anyone
got
> any ideas?
>
>
>
> PEAP is working perfectly, but I wanted to try and get it working with
certs
> as that is more secure. Thanks
>
>
> Event Type: Warning
> Event Source: IAS
> Event Category: None
> Event ID: 2
> Date: 6/1/2005
> Time: 2:56:31 PM
> User: N/A
> Computer: IAS1
> Description:
> User Bob was denied access.
> Fully-Qualified-User-Name = ws.local/Accounts/Apartment Users/Bob
> NAS-IP-Address = 192.168.1.17
> NAS-Identifier = <not present>
> Called-Station-Identifier = <not present>
> Calling-Station-Identifier = 00-12-17-e1-22-39
> Client-Friendly-Name = wireless
> Client-IP-Address = 192.168.1.17
> NAS-Port-Type = Wireless - IEEE 802.11
> NAS-Port = 0
> Proxy-Policy-Name = Use Windows authentication for all users
> Authentication-Provider = Windows
> Authentication-Server = <undetermined>
> Policy-Name = Wireless
> Authentication-Type = EAP
> EAP-Type = <undetermined>
> Reason-Code = 22
> Reason = The client could not be authenticated because the Extensible
> Authentication Protocol (EAP) Type cannot be processed by the server.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> Data:
> 0000: 00 00 00 00 ....
>
>


.

Relevant Pages

  • Re: What doesnt lend itself to OO?
    ... >> proxy and instructs the server to constuct the real object. ... rather than client code. ... If 'clock' is instantiated in the server, ... > for the server interface at the OOA level. ...
    (comp.object)
  • This is going straight to the pool room
    ... or not the client has privilege to do what they're trying to do, ... The server environment is this: ... 3GL User action Routines that Tier3 will execute on your behalf during the ... Routine Name: USER_INIT ...
    (comp.os.vms)
  • [Full-Disclosure] R: Full-Disclosure Digest, Vol 3, Issue 42
    ... Full-Disclosure Digest, Vol 3, Issue 42 ... SD Server 4.0.70 Directory Traversal Bug ... Arkeia Network Backup Client Remote Access ...
    (Full-Disclosure)
  • Re: What doesnt lend itself to OO?
    ... > rather than client code. ... no way to do that without also touching the object with clock semantics ... will not encapsulate both clock semantics and network semantics. ... The server can do whatever it wants ...
    (comp.object)
  • RE: Fax monitor incoming + outgoing calls?
    ... problem between the client computer and the SBS server. ... Client is using the internal IP address of the SBS server as the ... To the folder redirection GPO issue: ...
    (microsoft.public.windows.server.sbs)