802.1x RADIUS stopped working - 6273 Audit Failure


  • Hi,

    We use a combination of Ruckus and Network Policy Server running on 2008R2 to provide 802.1x authentication to our wireless network.

    For the past year, it has given us very few problems but now, nobody can connect. Always get the same "The RADIUS request did not match any configured connection request policy"

    We have very little in the way of network policies and connection request policies. Literally the only requirements are that they have wireless ability, are member of the Domain Computers group and use Windows authentication.

    The computers are logging on to the domain fine therefore it should be passing their AD credentials, they obviously have wireless and they are members of the Domain Computers group. The certificate hasn't expired.

    I have tried disabling all the policies and it still doesn't work. I have tried rebooting the NPS and the Ruckus box.

    Does anyone have any idea what is wrong? - here is the full log file :

    Log Name: Security
    Source: Microsoft-Windows-Security-Auditing
    Date: 21/08/2013 11:26:55
    Event ID: 6273
    Task Category: Network Policy Server
    Level: Information
    Keywords: Audit Failure
    User: N/A
    Computer: nwhserver9.nwhs.local
    Network Policy Server denied access to a user.

    Contact the Network Policy Server administrator for more information.

    Security ID: NULL SID
    Account Name: NWHS\administrator
    Account Domain: -
    Fully Qualified Account Name: -

    Client Machine:
    Security ID: NULL SID
    Account Name: -
    Fully Qualified Account Name: -
    OS-Version: -
    Called Station Identifier: 54-3D-37-A0-75-18:nwhsatrium
    Calling Station Identifier: F0-7B-CB-95-0B-E6

    NAS IPv4 Address:
    NAS IPv6 Address: -
    NAS Identifier: 54-3D-37-A0-75-18
    NAS Port-Type: Wireless - IEEE 802.11
    NAS Port: 10

    RADIUS Client:
    Client Friendly Name: ZoneDirector
    Client IP Address:

    Authentication Details:
    Connection Request Policy Name: -
    Network Policy Name: -
    Authentication Provider: -
    Authentication Server: nwhserver9.nwhs.local
    Authentication Type: -
    EAP Type: -
    Account Session Identifier: -
    Logging Results: Accounting information was written to the local log file.
    Reason Code: 49
    Reason: The RADIUS request did not match any configured connection request policy (CRP).

    Event Xml:
    <Event xmlns="">
    <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
    <TimeCreated SystemTime="2013-08-21T10:26:55.354977200Z" />
    <Correlation />
    <Execution ProcessID="600" ThreadID="6168" />
    <Security />
    <Data Name="SubjectUserSid">S-1-0-0</Data>
    <Data Name="SubjectUserName">NWHS\administrator</Data>
    <Data Name="SubjectDomainName">-</Data>
    <Data Name="FullyQualifiedSubjectUserName">-</Data>
    <Data Name="SubjectMachineSID">S-1-0-0</Data>
    <Data Name="SubjectMachineName">-</Data>
    <Data Name="FullyQualifiedSubjectMachineName">-</Data>
    <Data Name="MachineInventory">-</Data>
    <Data Name="CalledStationID">54-3D-37-A0-75-18:nwhsatrium</Data>
    <Data Name="CallingStationID">F0-7B-CB-95-0B-E6</Data>
    <Data Name="NASIPv4Address"></Data>
    <Data Name="NASIPv6Address">-</Data>
    <Data Name="NASIdentifier">54-3D-37-A0-75-18</Data>
    <Data Name="NASPortType">Wireless - IEEE 802.11</Data>
    <Data Name="NASPort">10</Data>
    <Data Name="ClientName">ZoneDirector</Data>
    <Data Name="ClientIPAddress"></Data>
    <Data Name="ProxyPolicyName">-</Data>
    <Data Name="NetworkPolicyName">-</Data>
    <Data Name="AuthenticationProvider">-</Data>
    <Data Name="AuthenticationServer">nwhserver9.nwhs.local</Data>
    <Data Name="AuthenticationType">-</Data>
    <Data Name="EAPType">-</Data>
    <Data Name="AccountSessionIdentifier">-</Data>
    <Data Name="ReasonCode">49</Data>
    <Data Name="Reason">The RADIUS request did not match any configured connection request policy (CRP).</Data>
    <Data Name="LoggingResult">Accounting information was written to the local log file.</Data>
    Thursday, August 29, 2013 8:21 AM


  • Hi,

    I have found some reasons that may cause an event ID 6273:

    The user does not have valid credentials

    The connection method is not allowed by network policy

    The network access server is under attack

    NPS does not have access to the user account database on the domain controller

    NPS log files or the SQL Server database are not available

    For more the solution please refer to:

    Event ID 6273 — NPS Authentication Status

    Friday, August 30, 2013 9:29 AM