none
802.1x RADIUS stopped working - 6273 Audit Failure

    Question

  • Hi,

    We use a combination of Ruckus and Network Policy Server running on 2008R2 to provide 802.1x authentication to our wireless network.

    For the past year, it has given us very few problems but now, nobody can connect. Always get the same "The RADIUS request did not match any configured connection request policy"

    We have very little in the way of network policies and connection request policies. Literally the only requirements are that they have wireless ability, are member of the Domain Computers group and use Windows authentication.

    The computers are logging on to the domain fine therefore it should be passing their AD credentials, they obviously have wireless and they are members of the Domain Computers group. The certificate hasn't expired.

    I have tried disabling all the policies and it still doesn't work. I have tried rebooting the NPS and the Ruckus box.

    Does anyone have any idea what is wrong? - here is the full log file :

    Log Name: Security
    Source: Microsoft-Windows-Security-Auditing
    Date: 21/08/2013 11:26:55
    Event ID: 6273
    Task Category: Network Policy Server
    Level: Information
    Keywords: Audit Failure
    User: N/A
    Computer: nwhserver9.nwhs.local
    Description:
    Network Policy Server denied access to a user.

    Contact the Network Policy Server administrator for more information.

    User:
    Security ID: NULL SID
    Account Name: NWHS\administrator
    Account Domain: -
    Fully Qualified Account Name: -

    Client Machine:
    Security ID: NULL SID
    Account Name: -
    Fully Qualified Account Name: -
    OS-Version: -
    Called Station Identifier: 54-3D-37-A0-75-18:nwhsatrium
    Calling Station Identifier: F0-7B-CB-95-0B-E6

    NAS:
    NAS IPv4 Address: 10.103.20.13
    NAS IPv6 Address: -
    NAS Identifier: 54-3D-37-A0-75-18
    NAS Port-Type: Wireless - IEEE 802.11
    NAS Port: 10

    RADIUS Client:
    Client Friendly Name: ZoneDirector
    Client IP Address: 10.103.20.13

    Authentication Details:
    Connection Request Policy Name: -
    Network Policy Name: -
    Authentication Provider: -
    Authentication Server: nwhserver9.nwhs.local
    Authentication Type: -
    EAP Type: -
    Account Session Identifier: -
    Logging Results: Accounting information was written to the local log file.
    Reason Code: 49
    Reason: The RADIUS request did not match any configured connection request policy (CRP).

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
    <EventID>6273</EventID>
    <Version>1</Version>
    <Level>0</Level>
    <Task>12552</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8010000000000000</Keywords>
    <TimeCreated SystemTime="2013-08-21T10:26:55.354977200Z" />
    <EventRecordID>3509381</EventRecordID>
    <Correlation />
    <Execution ProcessID="600" ThreadID="6168" />
    <Channel>Security</Channel>
    <Computer>nwhserver9.nwhs.local</Computer>
    <Security />
    </System>
    <EventData>
    <Data Name="SubjectUserSid">S-1-0-0</Data>
    <Data Name="SubjectUserName">NWHS\administrator</Data>
    <Data Name="SubjectDomainName">-</Data>
    <Data Name="FullyQualifiedSubjectUserName">-</Data>
    <Data Name="SubjectMachineSID">S-1-0-0</Data>
    <Data Name="SubjectMachineName">-</Data>
    <Data Name="FullyQualifiedSubjectMachineName">-</Data>
    <Data Name="MachineInventory">-</Data>
    <Data Name="CalledStationID">54-3D-37-A0-75-18:nwhsatrium</Data>
    <Data Name="CallingStationID">F0-7B-CB-95-0B-E6</Data>
    <Data Name="NASIPv4Address">10.103.20.13</Data>
    <Data Name="NASIPv6Address">-</Data>
    <Data Name="NASIdentifier">54-3D-37-A0-75-18</Data>
    <Data Name="NASPortType">Wireless - IEEE 802.11</Data>
    <Data Name="NASPort">10</Data>
    <Data Name="ClientName">ZoneDirector</Data>
    <Data Name="ClientIPAddress">10.103.20.13</Data>
    <Data Name="ProxyPolicyName">-</Data>
    <Data Name="NetworkPolicyName">-</Data>
    <Data Name="AuthenticationProvider">-</Data>
    <Data Name="AuthenticationServer">nwhserver9.nwhs.local</Data>
    <Data Name="AuthenticationType">-</Data>
    <Data Name="EAPType">-</Data>
    <Data Name="AccountSessionIdentifier">-</Data>
    <Data Name="ReasonCode">49</Data>
    <Data Name="Reason">The RADIUS request did not match any configured connection request policy (CRP).</Data>
    <Data Name="LoggingResult">Accounting information was written to the local log file.</Data>
    </EventData>
    </Event>
    Thursday, August 29, 2013 8:21 AM

Answers