windows 2008 radius server debugging
- we're running WiFI infrastructure on windows 2003 radius with ssl certs. it works pretty well. however, we cannot get it running with windows 2008 radius. we'd like to debug it, but system events are clueless on that. how can we raise debug level of IAS/radius on windows 2008 ?
All Replies
- Hi Ilia
Please refer this Article
http://www.bunkerhollow.com/blogs/matt/archive/2008/06/04/configuring-server-2008-for-radius-authentication.aspx
Thanks...
Deva --Self-trust is the first secret of success. Hi Ilia
Please refer this Article
http://www.bunkerhollow.com/blogs/matt/archive/2008/06/04/configuring-server-2008-for-radius-authentication.aspx
Thanks...
Deva --Self-trust is the first secret of success.
it says how to setup different things. I did similar setup, except that I need WiFi things. However, it didn't work for me and I like to turn on debugging on Radius. That article says nothing about debugging. Or does it ?- Hi Ilia chipitsine,
I went through the above link provided by Deva but unfortunately it doesnt have information related to RAS debugging.
You can use NETSH command line utility to achieve RAS logging , please find the below link
http://technet.microsoft.com/en-us/library/cc730682(WS.10).aspx
Solutions Architect - Hi There,
Just want to check back if you were able to go through my post
Solutions Architect Hi Ilia chipitsine,
I went through the above link provided by Deva but unfortunately it doesnt have information related to RAS debugging.
You can use NETSH command line utility to achieve RAS logging , please find the below link
http://technet.microsoft.com/en-us/library/cc730682(WS.10).aspx
Solutions Architect
I did "netsh ras diagnostics set rastracing * enabled" and now there many files in %WinDir%\tracing
I noticed only IASRAD.txt with
.....
[6548] 10-26 18:29:13:167: Resuming Radius component...
[6548] 10-26 18:29:13:167: RADIUS Server starting to listen on ::-1812
[6548] 10-26 18:29:13:167: RADIUS Server starting to listen on ::-1645
[6548] 10-26 18:29:13:168: RADIUS Server starting to listen on ::-1813
[6548] 10-26 18:29:13:168: RADIUS Server starting to listen on ::-1646
[6548] 10-26 18:29:13:168: Radius componend resumed.
[3116] 10-27 15:05:22:111: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:05:25:105: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:05:31:116: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:05:43:127: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:06:36:552: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:06:39:557: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:06:45:569: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:06:57:574: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:07:13:765: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:07:16:759: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:07:22:763: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:07:34:751: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
....
so, RADIUS server receives those packets, but doesn't respond to them. And nothing is said about it in logs. Can log level be raised even more ?
well, I did also "netsh ras diagnostics set loglevel all" and there're much more debugging, and it's even more interesting. In brief, I enabled "smart card or other certificate" for 802.11X, and it says nowHi Ilia chipitsine,
I went through the above link provided by Deva but unfortunately it doesnt have information related to RAS debugging.
You can use NETSH command line utility to achieve RAS logging , please find the below link
http://technet.microsoft.com/en-us/library/cc730682(WS.10).aspx
Solutions Architect
I did "netsh ras diagnostics set rastracing * enabled" and now there many files in %WinDir%\tracing
I noticed only IASRAD.txt with
.....
[6548] 10-26 18:29:13:167: Resuming Radius component...
[6548] 10-26 18:29:13:167: RADIUS Server starting to listen on ::-1812
[6548] 10-26 18:29:13:167: RADIUS Server starting to listen on ::-1645
[6548] 10-26 18:29:13:168: RADIUS Server starting to listen on ::-1813
[6548] 10-26 18:29:13:168: RADIUS Server starting to listen on ::-1646
[6548] 10-26 18:29:13:168: Radius componend resumed.
[3116] 10-27 15:05:22:111: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:05:25:105: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:05:31:116: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:05:43:127: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:06:36:552: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:06:39:557: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:06:45:569: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:06:57:574: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:07:13:765: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:07:16:759: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[3116] 10-27 15:07:22:763: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
[4496] 10-27 15:07:34:751: Receive RADIUS packet with size 155 from ::ffff:192.168.80.55
....
so, RADIUS server receives those packets, but doesn't respond to them. And nothing is said about it in logs. Can log level be raised even more ?
[1260] 10-27 18:11:25:715: NT-SAM Names handler received request with user identity xxx.
[1260] 10-27 18:11:25:715: Prepending default domain.
[1260] 10-27 18:11:25:715: NameMapper::prependDefaultDomain
[1260] 10-27 18:11:25:715: SAM-Account-Name is "xxx\xxx".
[1260] 10-27 18:11:25:715: Successfully created new RAP Based EAP session for user xxx\xxx.
[1260] 10-27 18:11:25:715: No AUTHENTICATION extensions, continuing
[1260] 10-27 18:11:25:715: NT-SAM Authentication handler received request for xxx\xxx.
[1260] 10-27 18:11:25:715: Validating windows user account xxx\xxx
[1260] 10-27 18:11:25:715: Sending LDAP search to xxx.xxx.
[1260] 10-27 18:11:25:718: Successfully validated windows account xxx\xxx.
[1260] 10-27 18:11:25:719: Allowed EAP type: 13
[1260] 10-27 18:11:25:719: Succesfully created EAP Host session with session id 67
[1260] 10-27 18:11:25:722: EapHostAuthenticatorReceivePacket failed with 0x80420101
[1260] 10-27 18:11:25:722: Caught COM exception:
[1260] 10-27 18:11:25:722: No AUTHORIZATION extensions, continuing
what does that error mean ?- also ssl certificate has an exclamation mark on "Basic constraints"
what could that mean ? - up
- up
- up
- Hi Ilia,
Just want to check back with you on the issue, can you please let us know where are we on the issue ? Hi Ilia,
Just want to check back with you on the issue, can you please let us know where are we on the issue ?
we are on the issue, exactly. it's still waiting to be solved.
