locked
How to confiure Network Policy Server with RADISU server for 802.1x RRS feed

  • Question

  • I have configured my NAP Server for RADIUS 802.1 with a RADIUS Client, Below detail is the configuration on my server, but i i can't connect to RADIUS Server from Laptop which have Windows 7 Operating System.

     

    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          12/26/2011 11:07:06 AM
    Event ID:      6273
    Task Category: Network Policy Server
    Level:         Information
    Keywords:      Audit Failure
    User:          N/A
    Computer:      WIN-T2TULOO7REH.FMICITLABDC2008.COM
    Description:
    Network Policy Server denied access to a user.

    Contact the Network Policy Server administrator for more information.

    User:
     Security ID:   FMICITLABDC2008\siawash
     Account Name:   siawash
     Account Domain:   FMICITLABDC2008
     Fully Qualified Account Name: FMICITLABDC2008\siawash

    Client Machine:
     Security ID:   NULL SID
     Account Name:   -
     Fully Qualified Account Name: -
     OS-Version:   -
     Called Station Identifier:  00259c344bcf
     Calling Station Identifier:  0026826854ca

    NAS:
     NAS IPv4 Address:  10.5.2.6
     NAS IPv6 Address:  -
     NAS Identifier:   00259c344bcf
     NAS Port-Type:   Wireless - IEEE 802.11
     NAS Port:   54

    RADIUS Client:
     Client Friendly Name:  IT_Router
     Client IP Address:   10.5.2.6

    Authentication Details:
     Connection Request Policy Name: Secure Wireless Connections
     Network Policy Name:  Secure Wireless Connections
     Authentication Provider:  Windows
     Authentication Server:  WIN-T2TULOO7REH.FMICITLABDC2008.COM
     Authentication Type:  PEAP
     EAP Type:   -
     Account Session Identifier:  -
     Logging Results:   Accounting information was written to the local log file.
     Reason Code:   23
     Reason:    An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
        <EventID>6273</EventID>
        <Version>1</Version>
        <Level>0</Level>
        <Task>12552</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8010000000000000</Keywords>
        <TimeCreated SystemTime="2011-12-26T19:07:06.300250000Z" />
        <EventRecordID>3230632</EventRecordID>
        <Correlation />
        <Execution ProcessID="444" ThreadID="3456" />
        <Channel>Security</Channel>
        <Computer>WIN-T2TULOO7REH.FMICITLABDC2008.COM</Computer>
        <Security />
      </System>
      <EventData>
        <Data Name="SubjectUserSid">S-1-5-21-423326590-2933660831-97909515-1105</Data>
        <Data Name="SubjectUserName">siawash</Data>
        <Data Name="SubjectDomainName">FMICITLABDC2008</Data>
        <Data Name="FullyQualifiedSubjectUserName">FMICITLABDC2008\siawash</Data>
        <Data Name="SubjectMachineSID">S-1-0-0</Data>
        <Data Name="SubjectMachineName">-</Data>
        <Data Name="FullyQualifiedSubjectMachineName">-</Data>
        <Data Name="MachineInventory">-</Data>
        <Data Name="CalledStationID">00259c344bcf</Data>
        <Data Name="CallingStationID">0026826854ca</Data>
        <Data Name="NASIPv4Address">10.5.2.6</Data>
        <Data Name="NASIPv6Address">-</Data>
        <Data Name="NASIdentifier">00259c344bcf</Data>
        <Data Name="NASPortType">Wireless - IEEE 802.11</Data>
        <Data Name="NASPort">54</Data>
        <Data Name="ClientName">IT_Router</Data>
        <Data Name="ClientIPAddress">10.5.2.6</Data>
        <Data Name="ProxyPolicyName">Secure Wireless Connections</Data>
        <Data Name="NetworkPolicyName">Secure Wireless Connections</Data>
        <Data Name="AuthenticationProvider">Windows</Data>
        <Data Name="AuthenticationServer">WIN-T2TULOO7REH.FMICITLABDC2008.COM</Data>
        <Data Name="AuthenticationType">PEAP</Data>
        <Data Name="EAPType">-</Data>
        <Data Name="AccountSessionIdentifier">-</Data>
        <Data Name="ReasonCode">23</Data>
        <Data Name="Reason">An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.</Data>
        <Data Name="LoggingResult">Accounting information was written to the local log file.</Data>
      </EventData>
    </Event>

    Monday, December 26, 2011 7:22 PM

Answers

  • Authentication Details:
     Connection Request Policy Name: Secure Wireless Connections
     Network Policy Name:  Secure Wireless Connections
     Authentication Provider:  Windows
     Authentication Server:  WIN-T2TULOO7REH.FMICITLABDC2008.COM
     Authentication Type:  PEAP
     EAP Type:   -
     Account Session Identifier:  -
     Logging Results:   Accounting information was written to the local log file.
     Reason Code:   23
     Reason:    An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.

    Hi Siawash,

     

    Thanks for posting here.

     

    It seems we have authentication issue during the connection according to the current event you provided , perhaps we can start by verifying the EAP log files under path “ %windir%\System32\Logfiles ”

     

    Network Access Protection Troubleshooting Guide

    http://technet.microsoft.com/en-us/library/dd348515(WS.10).aspx

     

    http://blogs.technet.com/b/wincat/archive/2007/10/29/the-definitive-guide-to-nap-logging.aspx

     

    Thanks.


    Tiger Li


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Tuesday, December 27, 2011 7:35 AM

All replies

  • Hi,

    Check possible reasons and how to fix it on the following Microsoft article...

    Access Request Was Denied

    Cheers


    Check my qualifications here.
    Check my blog
    here.

    Monday, December 26, 2011 7:39 PM
  • Authentication Details:
     Connection Request Policy Name: Secure Wireless Connections
     Network Policy Name:  Secure Wireless Connections
     Authentication Provider:  Windows
     Authentication Server:  WIN-T2TULOO7REH.FMICITLABDC2008.COM
     Authentication Type:  PEAP
     EAP Type:   -
     Account Session Identifier:  -
     Logging Results:   Accounting information was written to the local log file.
     Reason Code:   23
     Reason:    An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.

    Hi Siawash,

     

    Thanks for posting here.

     

    It seems we have authentication issue during the connection according to the current event you provided , perhaps we can start by verifying the EAP log files under path “ %windir%\System32\Logfiles ”

     

    Network Access Protection Troubleshooting Guide

    http://technet.microsoft.com/en-us/library/dd348515(WS.10).aspx

     

    http://blogs.technet.com/b/wincat/archive/2007/10/29/the-definitive-guide-to-nap-logging.aspx

     

    Thanks.


    Tiger Li


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Tuesday, December 27, 2011 7:35 AM