NPS fails to authenticate on certain radius clients, no visible events on Event Viewer
Question
-
Hey folks.
I'm trying to troubleshoot authentication failure of some Ubiquiti AP. I've been able to set up NPS with Radius authentication, and the system works flawlessly for 4 wireless access points set up in my main site. Trouble is on a secondary site, which while it does have IP connectivity to the NPS and the access points are configured identically, they simply fail to authenticate. I am attaching some screenshots describing my NPS setup.
There are no visible failure events on the radius server, not on the Server Role/Network Policy and Access Services, neither on the Windows Log/Security. However, checking the log file of the NPS Service (C:\Windows\System32\LogFiles), I was able to confirm that the failing access points are indeed hitting the server. The following registry is from a failed auth attempt:
"10.0.21.10,vrg,06/04/2015,14:14:53,IAS,ITSYSMGMNT,25,311 1 10.0.1.47 06/04/2015 16:27:40 628,27,30,4108,10.0.21.10,4116,0,4128,WAP Cuvier2,4154,Secure Wirless 2,4155,1,4129,CIMEX\vrg,4130,CIMEX\vrg,4136,11,4142,0"
while this registry is from a successful attempt:
"10.0.11.10,jme,06/04/2015,14:14:48,IAS,ITSYSMGMNT,25,311 1 10.0.1.47 06/04/2015 16:27:40 627,4132,Microsoft: Secured password (EAP-MSCHAP v2),4127,11,8100,0,4120,0x0143494D4558,4108,10.0.11.10,4116,0,4128,WAP EjeNal1,4154,Secure Wirless 2,4155,1,8153,0,4129,CIMEX\jme,4149,WiFi"
Can anybody help me make sense of the log? Better yet, can anybody point me out why some APs are authenticating, and why two of them are not?
