Re: Wireless Radius Clients
- From: Steven <Steven@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 8 Mar 2006 14:05:24 -0800
I saw that too and wondered, but isn't the authenticator the AP? Which
forwards requests to the Authentication Server? Meaning the AP is the
problem?
The keys are 1024. This is a SBS 2003 Premium DC. Nothing 3rd party should
be interfereing here. This is a very clean server and SOHO testing
environment. The Windows policy in IAS was made by the wizard. I removed it
and that didn't change anything. Nothing else in the even t logs.
Any suggestions?
--
Steve
"Ace Fekay [MVP]" wrote:
In news:56474046-5490-4241-9D3B-3598C9EAC092@xxxxxxxxxxxxx,.
Steven <Steven@xxxxxxxxxxxxxxxxxxxxxxxxx> stated, which I commented on
below:
Thanks for your reply Ace,
I have done everything by the book. As I said, my L2TP/IPSec is
working perfectly from the same computer. It uses the computer cert
and the user cert. I suspect the problem may be my Linksys as it is a
router and not a AP however it does have the Radius selection under
security. When I select it I point it to my Radius IP address and
then give the linksys a static IP and set it as a Radius Client. Yes
I tried using WPA TKIP - Radius on that end. Trying to move away from
WEP. I haven't set a Wireless GPO yet, i won't do that untill I can
successfully connect manually. Would love to get what you have but
don't want to spend 600 bucks. I have a small SOHO for testing only.
Looking at USR5450 for only 150.
Below is an ISA log:
Access request for user stevef@xxxxxxxxxxxxx was discarded.
Fully-Qualified-User-Name =
XXXXXXX.local/MyBusiness/Users/SBSUsers/Steven XXXXXX NAS-IP-Address
= 192.168.16.28 NAS-Identifier = Linksys BEFW41S4-V4.X
Called-Station-Identifier = 00-12-17-e0-e3-2b
Calling-Station-Identifier = 00-0e-35-7b-2d-8e Client-Friendly-Name =
Wireless Linksys Client-IP-Address = 192.168.16.28 NAS-Port-Type =
Wireless - IEEE 802.11 NAS-Port = <not present> Proxy-Policy-Name =
Use Windows authentication for all users Authentication-Provider =
Windows Authentication-Server = <undetermined> Reason-Code = 9 Reason
= The request was discarded by a third-party extension DLL file.
Lastly - I set up the IAS policy with the wizard and selected cert,
then select the server cert. Same way L2TP works. Its policy number 1.
Hope all this helps and thanks again for your help.
Hi Steve,
This part of the log grabbed my attention:
Windows Authentication-Server = <undetermined> Reason-Code = 9 Reason
= The request was discarded by a third-party extension DLL file.
Curious what that 3rd party DLL is it referring to that discarded the
authentication request?? Something else installed?
Is your key length greater than 1024? Windows with L2TP/IPSec will support
larger keys, but not the wireless devices, AP or not. They're maxxed at
1024.
Anything in the Event logs?
Ace
- References:
- Re: Wireless Radius Clients
- From: Ace Fekay [MVP]
- Re: Wireless Radius Clients
- From: Steven
- Re: Wireless Radius Clients
- From: Ace Fekay [MVP]
- Re: Wireless Radius Clients
- Prev by Date: Re: Site to Site VPN using IPSec between Win2k3 Server and BEFVP41
- Next by Date: Re: Wireless Radius Clients
- Previous by thread: Re: Wireless Radius Clients
- Next by thread: Re: Wireless Radius Clients
- Index(es):
Relevant Pages
|
|
