Re: 802.1x PEAP with VeriSign WLAN certificate
- From: StevieD <StevieD@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 18 Oct 2006 08:10:02 -0700
I have resolved this issue now.
I exported the VeriSign WLAN server certificate with the private key, then
deleted the Cert from the Machine store. I then imported it again into the
MACHINE store.
Very odd.
"StevieD" wrote:
Hi,.
Thanks for your response. I've double checked the shared secret and it is
the same on the AP & IAS.
Does my setup look correct? AD on one box, IAS server with VeriSign WLAN
certificate on the other box? Am I correct in saying I don't need to install
the CA service on any server for this scenario?
FYI On the wireless client the status never gets past 'validating identity'.
Any other ideas? Thanks
"James McIllece [MS]" wrote:
=?Utf-8?B?U3RldmllRA==?= <StevieD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:4B357F46-9D8C-47C0-AE66-9FAB625782AA@xxxxxxxxxxxxx:
I'm trying to use 802.1x with PEAP for our wireless network. In order
to use that we have a RADIUS server (Windows 2003 IAS), AD in native
mode, but no CA deployed. Is this the first mistake?
I have followed the "Obtaining and Installing a VeriSign WLAN Server
Certificate for PEAP-MS-CHAP v2 Wireless Authentication" guide from
Microsoft, and it doesn't mention the need for a CA.
So following the guide, I've installed the VeriSign WLAN server
certificate on the IAS server, in the Local Computer certificate
store. I've verified the installation. On the client, I have setup
for 802.1x PEAP, ticked the validate server certificate and selected
the Trusted Certificate Authority Root as VeriSign Class 3 Primary CA
-expire 8/1/2028, as stated in the guide mentioned above.
I'm unable to connect to the network. I am getting the following
errors in the event log on the IAS server.
Event Type: Error
Event Source: IAS
Event Category: None
Event ID: 20168
Description:
Could not retrieve the Remote Access Server's certificate due to the
following error: The credentials supplied to the package were not
recognized
Event Type: Error
Event Source: IAS
Event Category: None
Event ID: 3
Description:
Access request for user domain\user was discarded.
Fully-Qualified-User-Name = domain/ou/user
NAS-IP-Address = 192.x.x.x
NAS-Identifier = WiFi
Called-Station-Identifier =
Calling-Station-Identifier =
Client-Friendly-Name =
Client-IP-Address = 192.x.x.x
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = <not present>
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Reason-Code = 1
Reason = An internal error occurred.
Can someone please please advise me on where I'm going wrong?
Thank you
Hi there -
This sounds like the shared secret you have configured on the AP and on the
IAS server do not match.
--
James McIllece, Microsoft
Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers no rights.
- Follow-Ups:
- Re: 802.1x PEAP with VeriSign WLAN certificate
- From: James McIllece [MS]
- Re: 802.1x PEAP with VeriSign WLAN certificate
- References:
- Re: 802.1x PEAP with VeriSign WLAN certificate
- From: James McIllece [MS]
- Re: 802.1x PEAP with VeriSign WLAN certificate
- From: StevieD
- Re: 802.1x PEAP with VeriSign WLAN certificate
- Prev by Date: Re: 802.1x PEAP with VeriSign WLAN certificate
- Next by Date: Re: 802.1x PEAP with VeriSign WLAN certificate
- Previous by thread: Re: 802.1x PEAP with VeriSign WLAN certificate
- Next by thread: Re: 802.1x PEAP with VeriSign WLAN certificate
- Index(es):
Relevant Pages
|
Loading
