Re: 802.1x authentication for wireless issues w/ ISA 2004

---

• From: Owen Williams [SBS MVP] <Owen@xxxxxxxxxxxxxxxxxx>
• Date: Thu, 19 Apr 2007 16:57:01 -0400

---

In article <F8B6D665-521C-4D5C-80E2-C7E19F211D0B@xxxxxxxxxxxxx>,
JP@xxxxxxxxxxxxxxxxxxxxxxxxx says...

No errors in the group policy update.

And you verified the wireless config on the two laptops is correct
(i.e., matches the GPO config), right?

I rebuitl my cert authority completly
from scratch and the certs rolled out as expected. Still no wireless
connection. Just the connect and reconnect over and over on two different
laptops that are extremely different.

If the wireless configs look correct, the fact the two laptops are
different (and I assume you mean different manufacturers/models/wireless
NICs) suggests we need to find a "common element." This would include:

* The WAP(s)
* The wired network (WAP <-> Switch <-> Servers)
* The server(s)
* IAS
* ISA [have you tried _temporarily_ disabling ISA?]

I was happy to see the event log you sent of a succesful connection. I
think this may hold the key.

Me, too.

THe part on my event that troubles me is below:

Proxy-Policy-Name = Use Windows authentication for all users

This is normal - it appears in all of the IAS "access granted" events I
have seen from working secure wireless networks. I thought I knew where
it was set but I can't find it after a quick look. (And I have never
had to explicitly set it.) I vaguely recall it may only be changeable
when ISA2000/04 is running and, since I don't use them, I am not seeing
any other choices. Regardless, the setting is correct and you should
not need to change it.

Authentication-Provider = <none>
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = <undetermined>
EAP-Type = <undetermined>

These are a problem - or at least suspicious - as my previous post
indicated.

Where is a proxy policy comming from? It seems like we are trying to only
authenticate the computer and this is trying to authenticate the user and not
very well at that.

I believe the term "user" in the message is rather loose and also
applies to computers in this context.

-- Owen Williams (SBS MVP)
.

---

• Follow-Ups:
  • Re: 802.1x authentication for wireless issues w/ ISA 2004
    • From: JP

• References:
  • Re: 802.1x authentication for wireless issues w/ ISA 2004
    • From: JP
  • Re: 802.1x authentication for wireless issues w/ ISA 2004
    • From: Owen Williams [SBS MVP]
  • Re: 802.1x authentication for wireless issues w/ ISA 2004
    • From: JP
  • Re: 802.1x authentication for wireless issues w/ ISA 2004
    • From: Owen Williams [SBS MVP]
  • Re: 802.1x authentication for wireless issues w/ ISA 2004
    • From: JP
  • Re: 802.1x authentication for wireless issues w/ ISA 2004
    • From: Owen Williams [SBS MVP]
  • Re: 802.1x authentication for wireless issues w/ ISA 2004
    • From: JP

• Prev by Date: Re: 802.1x authentication for wireless issues w/ ISA 2004
• Next by Date: Re: Issues with latest released patches from MS
• Previous by thread: Re: 802.1x authentication for wireless issues w/ ISA 2004
• Next by thread: Re: 802.1x authentication for wireless issues w/ ISA 2004
• Index(es):
  • Date
  • Thread

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2007-04