locked
Win XP SP3 and 2008R2 NPS - PEAP Auh Failing RRS feed

  • Question

  •  

    I am having issues with Wireless authentication using (PEAP).  Authentication was successful when using 2003R2 IAS.  Upgradedservers to 2008R2, NPS running on a 2008R2 DC.  Certificates are Ok.  VPNauth is successful using RADIUS.  See errors below:

     

     

    Authentication Server:

    Windows 2008R2 – NPS and Domain Services

     

     

     

    NPS Log Event-

     

    Network Policy Server denied access to a user.

     

    Contact the Network Policy Server administrator for more information.

     

    User:

                    Security ID:                                            DOMAIN\user

                    Account Name:                                    DOMAIN\user

                    Account Domain:                                 DOMAIN

                    Fully Qualified Account Name:          DOMAIN\user

     

    Client Machine:

                    Security ID:                                            NULL SID

                    Account Name:                                    -

                    Fully Qualified Account Name:          -

                    OS-Version:                                           -

                    Called Station Identifier:                      xxxxxxxxxxxx\xxxxxxx

                    Calling Station Identifier:                     xxxxxxxxxxx

     

    NAS:

                    NAS IPv4 Address:                                ip.ip.ip.ip

                    NAS IPv6 Address:                                -

                    NAS Identifier:                                       vaildname

                    NAS Port-Type:                                     Wireless - IEEE 802.11

                    NAS Port:                                               29

     

    RADIUS Client:

                    Client Friendly Name:                          vaildname

                    Client IP Address:                                 ip.ip.ip.ip

     

    Authentication Details:

                    Connection Request Policy Name:    Use Windows authentication for all users

                    Network Policy Name:                         valid policy name

                    Authentication Provider:                     Windows

                    Authentication Server:                         valid domain controller FQDN (SELF)

                    Authentication Type:                           PEAP

                    EAP Type:                                              -

                    Account Session Identifier:                 -

                    Logging Results:                                   Accounting information was written to the local log file.

                    Reason Code:                                        269

                    Reason:                                                  The client and server cannot communicate, because they do not possess a common algorithm.

     

     

     

     

    System Event –

     

    Event ID 36874, Schannel

     

    An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

     

     

     

     

    Wednesday, June 30, 2010 1:32 PM

All replies

  • I'm having this same exact problem. Everything was great with 2003. Upgraded to 2008 R2. VPN still works with RADIUS. Vista laptops can connect, but XP clients can't. Anybody got any clues?
    Thursday, July 15, 2010 12:42 PM
  • Same issue that many of us are having with XP - there does not seem to be any solution as of yet. I have an open call with Microsoft on this issue.
    Thursday, July 15, 2010 7:53 PM
  • Any word on a resolution to this problem. I seem to be having the same issue.
    Thursday, August 5, 2010 3:15 PM
  • In my case it appears to a problem with Broadcom based WLAN controllers, and possibly Cisco one also. If you enable Windows to be the Wireless controller everything works.  Problem is we really want to use the Broadcom controller because it disables Wireless when connected to the LAN (wired).

    Tuesday, September 14, 2010 5:55 PM
  • Has anyone found a resolution?
    Thursday, April 14, 2011 11:20 PM
  • The solution was to update the Broadcom drivers in our case. If you download the Broadcom WLAN software and drivers, and install it, the only thing that it updated was the software. For some reason it did not install the drivers. Once the driver was removed and then the new software and driver was installed, everything worked.
    • Proposed as answer by craymond Wednesday, June 22, 2011 3:51 PM
    Wednesday, June 22, 2011 3:22 PM