Re: Wireless Radius Clients

Ace - just wanted to let you know I went out and purchased and actual AP and
now everything works great. Sorry to waste you time.
--
Steve
MCSA, MCSE


"Ace Fekay [MVP]" wrote:

In news:56474046-5490-4241-9D3B-3598C9EAC092@xxxxxxxxxxxxx,
Steven <Steven@xxxxxxxxxxxxxxxxxxxxxxxxx> stated, which I commented on
below:
Thanks for your reply Ace,

I have done everything by the book. As I said, my L2TP/IPSec is
working perfectly from the same computer. It uses the computer cert
and the user cert. I suspect the problem may be my Linksys as it is a
router and not a AP however it does have the Radius selection under
security. When I select it I point it to my Radius IP address and
then give the linksys a static IP and set it as a Radius Client. Yes
I tried using WPA TKIP - Radius on that end. Trying to move away from
WEP. I haven't set a Wireless GPO yet, i won't do that untill I can
successfully connect manually. Would love to get what you have but
don't want to spend 600 bucks. I have a small SOHO for testing only.
Looking at USR5450 for only 150.

Below is an ISA log:

Access request for user stevef@xxxxxxxxxxxxx was discarded.
Fully-Qualified-User-Name =
XXXXXXX.local/MyBusiness/Users/SBSUsers/Steven XXXXXX NAS-IP-Address
= 192.168.16.28 NAS-Identifier = Linksys BEFW41S4-V4.X
Called-Station-Identifier = 00-12-17-e0-e3-2b
Calling-Station-Identifier = 00-0e-35-7b-2d-8e Client-Friendly-Name =
Wireless Linksys Client-IP-Address = 192.168.16.28 NAS-Port-Type =
Wireless - IEEE 802.11 NAS-Port = <not present> Proxy-Policy-Name =
Use Windows authentication for all users Authentication-Provider =
Windows Authentication-Server = <undetermined> Reason-Code = 9 Reason
= The request was discarded by a third-party extension DLL file.

Lastly - I set up the IAS policy with the wizard and selected cert,
then select the server cert. Same way L2TP works. Its policy number 1.

Hope all this helps and thanks again for your help.

Hi Steve,

This part of the log grabbed my attention:
Windows Authentication-Server = <undetermined> Reason-Code = 9 Reason
= The request was discarded by a third-party extension DLL file.

Curious what that 3rd party DLL is it referring to that discarded the
authentication request?? Something else installed?

Is your key length greater than 1024? Windows with L2TP/IPSec will support
larger keys, but not the wireless devices, AP or not. They're maxxed at
1024.

Anything in the Event logs?

Ace




.

Relevant Pages

  • Re: Wireless Radius Clients
    ... It uses the computer cert ... router and not a AP however it does have the Radius selection under ... Access request for user stevef@xxxxxxxxxxxxx was discarded. ... Windows with L2TP/IPSec will support ...
    (microsoft.public.windows.server.networking)
  • Re: Wireless Radius Clients
    ... I think the problem has to be somewhere with setting up the linksys as the ... radius client. ... It uses the computer cert ... Access request for user stevef@xxxxxxxxxxxxx was discarded. ...
    (microsoft.public.windows.server.networking)
  • Re: Wireless Radius Clients
    ... I think the problem has to be somewhere with setting up the linksys as the ... radius client. ... It uses the computer cert ... Access request for user stevef@xxxxxxxxxxxxx was discarded. ...
    (microsoft.public.windows.server.networking)
  • Re: Unable to install Godaddy cert on SBS R2 Standard box
    ... I recently bought a ten year Turbo SSL cert, but I want to rebuild my server ... "Please create a new request,and request for a new certificate from ... Godaddy(issue a new certificate),then install the new certificate. ...
    (microsoft.public.windows.server.sbs)
  • Re: Computer and User Certificates Issues
    ... > Enrollment of User Certificates using the custom v2 User Certificate Template ... > request the new custom v2 User Cert that supports auto-enrollment as well as ... > the included version 1 no autoenrollment User Cert manually through the MMC. ... > Custom Computer Cert Security Permissions: ...
    (microsoft.public.security)