Re: Please help! I am just about to go berserk and pull a terror attack on my Radius Server. WIFI users cannot authenticate

ello,

this may help:
802.1x client authentication fails when you connect to a Windows Server 2003-based computer that is running IAS
http://support.microsoft.com/kb/838502/EN-US/



--
Cordialement,
Mathieu CHATEAU
English blog: http://lordoftheping.blogspot.com
French blog: http://www.lotp.fr


"El CiD" <yaderwong@xxxxxxxxxxx> wrote in message news:hmm2i3lbnsgs58f3mf7q2sllbghf35o85e@xxxxxxxxxx
The same setup has been working for 3 days. All of sudden, the user
cannot authenticate. The user doesnt get prompted to enter
username/domain when connecting to the wifi lan. What follows is the
complete log of the error. There has been no changes to my setup. I
am using a cisco 4400 controller and 1 LWAP access point by cicso.
It connects to my radius server based on windows 2003


Please, any input in the matter is hjghly appreciated. I have been
fighting with this for a few days and cannot get it resolved. Microsft
knowledge base articles have not helped me any.



Server: Windows Server 2003 x64 SP1 or R2
Client: Windows XP Pro SP2
From time to time some of my XP SP2 clients fail to authenticate with
IAS
and thus end up working without WLAN. This is what I get in System
log:

Event Type: Warning
Event Source: IAS
Event Category: None
Event ID: 2
Date: 2007.02.09
Time: 13:49:46
User: N/A
Computer: server
Description:
User host/pc1.firm.com was denied access.
Fully-Qualified-User-Name = firm.com/computers/pc1
NAS-IP-Address = 10.19.247.234
NAS-Identifier = FIRM
Called-Station-Identifier = 00-18-FE-D0-B0-39
Calling-Station-Identifier = 00-90-4B-B9-D3-A8
Client-Friendly-Name = FIRM
Client-IP-Address = 10.19.247.234
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = 0
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = WLAN
Authentication-Type = PEAP
EAP-Type = <undetermined>
Reason-Code = 262
Reason = The supplied message is incomplete. The signature was not
verified.



.

Relevant Pages

  • Re: Aironet 1200/Radius Help Needed
    ... I just fired up a W2003 Advanced Server so that I can take ... >> IAS servers (do I need a separate certificate for the secondary IAS ... >> of authentication since it involves just installing the certificate on ... >between the AP and the client. ...
    (microsoft.public.internet.radius)
  • RE: How to start/stop windows service on a remote machine?
    ... impersonate the client user(authenticated via integrated windows ... authentication in IIS) and access some remote protected resource(windows ... the problem you meet is a typical windows ... want to continue access other remote machine, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: SP1 und Netzwerkauthentifizierung 802.1x
    ... Es gab mal ein Problem wenn das Client Certificat ... 953650 You cannot connect to an 802.1X wired network after you upgrade to Windows XP Service Pack 3 ... 838502 802.1x client authentication fails when you connect to a Windows Server ... IAS Best Practices: ...
    (microsoft.public.de.windows.vista.installation)
  • Re: 802.1X/EAP authentication issue with XP client
    ... I also tried adjusting the IAS remote access policy framed MTU param ... client, same scenario, is not getting a successful authentication. ... or system event logs. ...
    (microsoft.public.internet.radius)
  • Re: IAS to authenticate CISCO VPN traffic
    ... I ran the netsh ras set tracing iassam enabled, ... in the ias log file i still see the normal log details as follows.. ... I created a client within IAS called ... >> Within this profile Under authentication and encryption I have tried ...
    (microsoft.public.internet.radius)