Re: WLAN Security WPA EAP/TLS. Authentication Failed error



I guess I am not sure what you mean by a formatted copy of the system event
log, but here is the event that appears to apply...

User host/SJHAHPNC6400.mydomain.net was denied access.

Fully-Qualified-User-Name = mydomain.net/Windows Vista/SJHAHPNC6400

NAS-IP-Address = 0.0.0.0

NAS-Identifier = DWL-3140_WLS_SW

Called-Station-Identifier = 00-1c-f0-59-df-d1

Calling-Station-Identifier = 00-19-d2-ab-72-13

Client-Friendly-Name = AP_1

Client-IP-Address = 10.1.0.101

NAS-Port-Type = Wireless - IEEE 802.11

NAS-Port = 0

Proxy-Policy-Name = Use Windows authentication for all users

Authentication-Provider = Windows

Authentication-Server = <undetermined>

Policy-Name = Connections to other access servers

Authentication-Type = EAP

EAP-Type = <undetermined>

Reason-Code = 65

Reason = The connection attempt failed because remote access permission for
the user account was denied. To allow remote access, enable remote access
permission for the user account, or, if the user account specifies that
access is controlled through the matching remote access policy, enable remote
access permission for that remote access policy.

Note that the radius server is also being used to authenticate VPN traffic
through our ISA server.

Thanks
--
Steve Halvorson
Preferred Credit, Inc


"S. Pidgorny <MVP>" wrote:

If you're using descriptive policy names, using Windows authentication for
all users is not the right thing to do if you're using certificate
authentication.

Can you copy/paste a formatted System log entry from event viewer?

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

"Steve Halvorson" <steveh@xxxxxxxxxxxxxx> wrote in message
news:C95D2B50-350E-4572-AF18-F2E9EF52A1C3@xxxxxxxxxxxxxxxx
I am setting up WLAN to secure our wireless network. I plan to use 802.1x
EAP/TLS with certificates for the client machine and user. My issuing
certificate server is Windows 2003 Enterprise and I have the certificates
set to Autoenroll the machines in the correct AD group. When I check the
machines, they appear to have the correct certificates installed. The AP
is set for 802.1x and is pointed to the radius server. The radius server
has the AP as a client. However, when trying to connect to the AP, I get a
"Windows was unable to log you into the network" error after the initial
connection to the AP. Ipconfig shows an ip address of 0.0.0.0. I need
some help troubleshooting this issue. I've included some of the radius
server log below but I don't see any obvious problems.

Radius Server Log.
"RAD1","IAS",03/04/2008,00:00:01,1,"me@xxxxxxxxxxxx","mydomain.net/InformationTechnology/me","00-1c-f0-59-df-d1","00-13-02-1e-98-44",,,"DWL-3140_WLS_SW","0.0.0.0",0,0,"10.1.0.101","AP_1",,,19,,,,5,"Connections to other access servers",0,"311 1 10.1.0.28 02/29/2008 18:01:15 31478",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Use Windows authentication for all users",1,,,,
"RAD1","IAS",03/04/2008,00:00:01,3,,"mydomain.net/InformationTechnology/Me",,,,,,,,0,"10.1.0.101","AP_1",,,,,,,5,"Connections to other access servers",66,"311 1 10.1.0.28 02/29/2008 18:01:15 31478",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Use Windows authentication for all users",1,,,,

I am really scratching my head on how to tell where the process is failing
so any help would be greatly appreciated.

Steve Halvorson
Preferred Credit, Inc
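
Added example, not part of the original thread: a small Python parser that labels the leading columns of the two IAS log records quoted above and summarises the Access-Reject ones by policy and reason code. It assumes the log is in the IAS database-compatible column layout as documented by Microsoft; the function names and the unwrapped, shortened sample records are constructed for this example, and the wording for reason code 66 comes from Microsoft's reason-code list, not from the thread.

```python
import csv

# Leading columns of an IAS database-compatible log record, in order
# (assumption: the log in the thread uses this layout; later columns are ignored).
FIELDS = [
    "ComputerName", "ServiceName", "Record-Date", "Record-Time", "Packet-Type",
    "User-Name", "Fully-Qualified-Distinguished-Name", "Called-Station-ID",
    "Calling-Station-ID", "Callback-Number", "Framed-IP-Address",
    "NAS-Identifier", "NAS-IP-Address", "NAS-Port", "Client-Vendor",
    "Client-IP-Address", "Client-Friendly-Name", "Event-Timestamp",
    "Port-Limit", "NAS-Port-Type", "Connect-Info", "Framed-Protocol",
    "Service-Type", "Authentication-Type", "Policy-Name", "Reason-Code", "Class",
]
PACKET_TYPE = {"1": "Access-Request", "2": "Access-Accept",
               "3": "Access-Reject", "11": "Access-Challenge"}
REASON = {  # 65 is worded as in the event quoted in the thread
    "0": "success",
    "65": "remote access permission for the user account was denied",
    "66": "authentication method not enabled on the matching remote access policy",
}
# The two records from the thread, unwrapped and cut after the Class column.
SAMPLE = (
    '"RAD1","IAS",03/04/2008,00:00:01,1,"me@xxxxxxxxxxxx",'
    '"mydomain.net/InformationTechnology/me","00-1c-f0-59-df-d1","00-13-02-1e-98-44",,,'
    '"DWL-3140_WLS_SW","0.0.0.0",0,0,"10.1.0.101","AP_1",,,19,,,,5,'
    '"Connections to other access servers",0,"311 1 10.1.0.28 02/29/2008 18:01:15 31478"\n'
    '"RAD1","IAS",03/04/2008,00:00:01,3,,"mydomain.net/InformationTechnology/Me",,,,,,,,0,'
    '"10.1.0.101","AP_1",,,,,,,5,'
    '"Connections to other access servers",66,"311 1 10.1.0.28 02/29/2008 18:01:15 31478"\n'
)

def parse_ias(text):
    """Return one dict per complete record, keyed by FIELDS."""
    rows = csv.reader(text.splitlines())
    # Skip wrapped or truncated lines rather than misalign the columns.
    return [dict(zip(FIELDS, row)) for row in rows if len(row) >= len(FIELDS)]

def rejects(records):
    """Summarise Access-Reject records: account, RADIUS client, policy, reason."""
    out = []
    for r in records:
        if PACKET_TYPE.get(r["Packet-Type"]) != "Access-Reject":
            continue
        code = r["Reason-Code"]
        out.append({"when": r["Record-Date"] + " " + r["Record-Time"],
                    "account": r["User-Name"] or r["Fully-Qualified-Distinguished-Name"],
                    "client": r["Client-Friendly-Name"], "policy": r["Policy-Name"],
                    "reason_code": int(code),
                    "reason": REASON.get(code, "unlisted reason code")})
    return out
```
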


