NPS Suddenly stopped working. Wireless RADIUS issues specifically

  • Question

  • Server- NPS is installed on Server 2008 R2 w/o SP1

    AP Clients- Netgear WG103 (with the latest firmware 2.0.25)

    The wireless clients were set up in NPS and worked fine for about a month and a half. Then suddenly people weren't able to connect.

    Here is a list of things I have tried:

    -The issue seems to be just with the RADIUS network and is in multiple locations. (other networks are fine: Like our guest wifi that uses a basic WPA key.)

    -I have tried stopping and restarting the NPS service on the RADIUS Clients server

    -I have patched and rebooted the server, which houses the RADIUS clients. (except SP1)

    -I tried setting up NPS on a different server and configuring 2 APs to connect to it. (still the same issue, at this point I'm wondering if it is the certificate authority.)

    -Using Telnet to connect to the server on ports 1812, 1813, 1645, and 1646 it is unresponsive, yet the server says the ports are open and listening.

    -I tried disabling the firewall on the server then telnetting with no luck.

    -A port scan on the server says the ports are closed, yet the server reports that they are open.

    -While running Wireshark on a client, I tried to connect to the RADIUS network and got absolutely no packets. Connecting to a different network, packets come through (if it was the certificate, I should at least see traffic here, right?)

    Thursday, April 28, 2011 8:11 PM

Answers

  • Apparently the keys were regenerated, the changes were made to the APs and the network policy was deleted and remade.

    I'm not sure that it was a valid "fix" though, since that had been done a couple of times before.  The only difference was that I disabled the old policy rather than deleting it.

    • Marked as answer by BriGy86 Wednesday, May 4, 2011 2:06 PM
    Wednesday, May 4, 2011 2:06 PM

All replies

  • Hi,

    Thanks for the post.

    Have you ever tried to check the NPS Event Logging and Windows Event Viewer on the NPS server? Is there any specific error message?

    Use Event Viewer, available from the Administrative Tools program group, to obtain information about hardware and software problems and to monitor all security events, including informational, warning, and error events.

    To troubleshoot NPS authentication attempts, view the NPS events in Windows Logs\Security. Viewing the authentication attempts in this log is useful in troubleshooting network policies.

    In this case, we need to collect the following information:

    Info1: MPSreport for NPS server

    Info2: MPSreport for the problematic client.

    Info3: Network traffic on the NPS server.

    Info4: Network traffic on the problematic client.

    Note: We need to capture network traffic on both sides when reproducing this issue. (With Wireshark)

     

    How to collect the MPSreport:

    ======================

    1. Download proper MPS Report tool from the website below.

    Microsoft Product Support Reports
    http://www.microsoft.com/downloads/details.aspx?FamilyID=CEBF3C7C-7CA5-408F-88B7-F9C79B7306C0&displaylang=en

    2. Double-click to run it. If the requirements are not met, please follow the wizard to download and install them. After that, click Next. When the "Select the diagnostics you want to run" page appears, select "General", “Internet and Networking”, “Business Networks”, “Server Components”, and click Next.

    3. After collecting all log files, choose "Save the results", choose a folder to save <Computername>MPSReports.cab file.

     

    For your convenience, I have created a workspace for you.  You can upload the information files to the following link.  (Please choose "Send Files to Microsoft")
     
    Workspace URL: (https://sftasia.one.microsoft.com/choosetransfer.aspx?key=301bd213-1211-48bc-aeac-54bd684b49f6)
    Password: ewlBuWeT4KZ

    Note: Due to differences in text formatting with various email clients, the workspace link above may appear to be broken.  Please be sure to include all text between '(' and ')' when typing or copying the workspace link into your browser.

    Thanks,

    Miles


    Friday, April 29, 2011 8:30 AM
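
The Security-log check suggested in the reply above can be scripted as follows; this is an added example, not part of the original thread. The 24-hour window is an assumption, and the event-data field names used here (ClientName, ClientIPAddress, NetworkPolicyName, ReasonCode, Reason) should be confirmed against the XML view of one NPS event on the server being examined.

```powershell
# Added example: summarize NPS authentication events from Windows Logs\Security.
# Run in an elevated PowerShell session on the NPS server.
# 6272 = access granted, 6273 = access denied, 6274 = request discarded
$ids   = 6272, 6273, 6274
$since = (Get-Date).AddHours(-24)   # assumed look-back window

$events = Get-WinEvent -FilterHashtable @{
    LogName = 'Security'; Id = $ids; StartTime = $since
} -ErrorAction SilentlyContinue

if (-not $events) {
    # Nothing logged: either requests never reach NPS, or auditing is off.
    Write-Warning "No NPS events since $since. Check auditing with:"
    Write-Warning 'auditpol /get /subcategory:"Network Policy Server"'
}
else {
    $rows = foreach ($e in $events) {
        # Flatten <EventData><Data Name="...">value</Data> into a hashtable.
        $data = @{}
        foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
            $data[$d.Name] = $d.'#text'
        }
        New-Object PSObject -Property @{
            Time       = $e.TimeCreated
            EventId    = $e.Id
            User       = $data['SubjectUserName']
            Client     = $data['ClientName']        # RADIUS client (the AP)
            ClientIP   = $data['ClientIPAddress']
            Policy     = $data['NetworkPolicyName']
            ReasonCode = $data['ReasonCode']
            Reason     = $data['Reason']
        }
    }

    # Which AP is failing, and why: one line per event ID / client / reason code.
    $rows | Group-Object EventId, Client, ReasonCode |
        Sort-Object Count -Descending |
        Select-Object Count, Name | Format-Table -AutoSize

    # Most recent denied or discarded requests with the full reason text.
    $rows | Where-Object { $_.EventId -ne 6272 } |
        Sort-Object Time -Descending |
        Select-Object -First 20 Time, User, Client, ClientIP, Policy, Reason |
        Format-List
}
```
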
  • I have submitted that file.
    Friday, April 29, 2011 3:17 PM
  • BTW, I checked the logs previously and all the errors in there are expected.  They were happening as we were making changes to troubleshoot the issue.
    Friday, April 29, 2011 4:07 PM
  • I believe we have this issue fixed.  I'm still waiting on a definite resolution though.
    Monday, May 2, 2011 3:02 PM