Re: IAS server and access points



Since you are using GP to push the same settings to all wireless clients,
the problem with scripts not running on some clients sounds like an AP
problem to me. If the clients can connect successfully and have scripts run
to some APs and not others, I would check the AP configuration to make sure
it's correct; and if it is, it might be a situation where you want to
update firmware or just get more of the APs that work. :-)

James


GaryASG <GaryASG@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:38D55B5E-83D8-4DCD-BC9B-7E3279686C6F@xxxxxxxxxxxxx:

Thanks for the reply.
I have an update which definitely blames the APs.

I have actually been in touch with Netgear tech support on this
current problem. I used Ethereal to look at packets arriving on the
IAS server from the access points and Ethereal marked the packets as
Malformed. The problem is I cannot determine what exactly is malformed
about them. I have sent the logs to Netgear and made steps to return
the APs as not fit for purpose.

What is most frustrating is that this has happened with so many
manufacturers. Although I cannot confirm the previous APs had the
same problem, they just had the same effect.

I do have the validate server certificate selected. I use GP to push
out the wireless policy to all client PCs in a specific group.

"James McIllece [MS]" wrote:

GaryASG <GaryASG@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:5C745148-BAF6-4650-9DA8-C2B63820C71F@xxxxxxxxxxxxx:

I am having a problem with some access points that are 802.1x
capable. I use PEAP and passwords to authenticate wireless clients.
Some access points work fine with IAS; others can only authenticate
the users as they log in; they do not authenticate the computers
before login. This prevents our login script from running. The
computers can authenticate once the user is logged in, but this is
too late. I get an occasional message on my IAS server that says
"A RADIUS message with the Code field set to 2, which is not valid,
was received on port 1812 from RADIUS client "access point name."
This also appears with code field 4 & 5. I frequently get no
message at all. This has happened with 3com, netgear, dlink and
linksys access points. It also varies with firmware on some access
points, i.e. old firmware works, new firmware does not. Is this just
a problem with the access points or could it be my network/IAS
setup? Any help gratefully received.

If the access points are sending RADIUS messages with invalid values
for the code field, there is nothing wrong with your setup -- as you
have noted, IAS will reject messages with invalid values.

Without implying that the APs you are using are not compliant with
the RADIUS protocol/RFC's, I can say that whatever APs you're using
must be compliant with the RADIUS protocol and RFCs, and if you're
having problems with APs you should definitely contact the AP vendor.

As for logon scripts running, do you have all clients configured to
validate the IAS server? (Can't remember the name of this control on
the client, I think it is probably "Validate server certificate")

--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online
account name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no
rights.





--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no rights.
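
The thread leaves open what exactly was malformed in the packets arriving from the access points. The following is an added example, not part of the original posts: it applies the structural checks from RFC 2865 (Code, Length field, attribute lengths) to a datagram received on the authentication port. The function names and the sample packets are constructed for illustration, and the code names are the RFC 2865/2866 assignments.

```python
import struct

# Code values assigned in RFC 2865 and RFC 2866.
CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject",
         4: "Accounting-Request", 5: "Accounting-Response",
         11: "Access-Challenge"}
AUTH_PORT_REQUESTS = {1}  # the only code above that a NAS sends to port 1812

def check_radius(datagram: bytes) -> list:
    """Return the problems found in one datagram received on the auth port."""
    if len(datagram) < 20:
        return ["shorter than the 20-byte RADIUS header"]
    code, _ident, length = struct.unpack("!BBH", datagram[:4])
    problems = []
    if code not in AUTH_PORT_REQUESTS:
        name = CODES.get(code, "unassigned")
        problems.append(f"code {code} ({name}) is not a request for the auth port")
    if not 20 <= length <= 4096:
        return problems + [f"Length field {length} outside 20..4096"]
    if length > len(datagram):
        return problems + [f"Length field {length} exceeds {len(datagram)} bytes received"]
    pos = 20  # attributes follow the 16-byte authenticator
    while pos < length:  # octets past Length are padding and are ignored
        if pos + 2 > length:
            problems.append(f"attribute header truncated at offset {pos}")
            break
        a_type, a_len = datagram[pos], datagram[pos + 1]
        if a_len < 2 or pos + a_len > length:
            problems.append(f"attribute type {a_type} at offset {pos} has bad length {a_len}")
            break
        pos += a_len
    return problems

def build(code: int, attrs: bytes, length=None) -> bytes:
    """Constructed sample packet: zeroed authenticator, optional forged Length."""
    total = 20 + len(attrs) if length is None else length
    return struct.pack("!BBH", code, 1, total) + bytes(16) + attrs

USER_NAME = bytes([1, 6]) + b"host"  # type 1 (User-Name), length 6
SAMPLES = {  # constructed inputs, not packets from the thread
    "valid request": build(1, USER_NAME),
    "code 2 on 1812": build(2, USER_NAME),
    "attribute overrun": build(1, bytes([1, 40]) + b"host"),
    "length too large": build(1, USER_NAME, length=64),
}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        print(label, "->", check_radius(pkt) or "ok")
```

Feeding it the UDP payload exported from a capture shows whether a packet fails on the Code value, the header Length, or an individual attribute, which is the detail to hand to the AP vendor.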