|
Home > Archive > Radius Server > December 2006 > Wireless IAS Authenication fails for new workstations: IAS_AUTH_Failure
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Wireless IAS Authenication fails for new workstations: IAS_AUTH_Failure
|
|
| Rfoor1136 2006-12-12, 1:22 pm |
| Good Morning,
I have been dealing with a strange issue. I have a wireless and
Established Radius network. I have deployed PEAP with MSCHAP V2 and
TKIP since May of 2006 successfully. We use IAS server and our own
certificate server. All the servers are 2003 SP1 and the Access point
are cisco 1100 series.
All the current workstation on the wireless network work fine. Even if
I remove and reconfigure the seting for the wireless profile they will
connect no problems. I figure this eliminates just a simple password
issue.
However I have 3 new machines I need to add and they will not connect.
The only error I get from the cards is that authentication has failed.
When I view the IAS log it give me the error IAS_AUTH_Failure. I have
confirmed these workstations have received a certificate from the
server and the credendtials are correctly entered.
I would really appreciate any and questions or comments to help me
brainstorm through this issue.
Have a great day,
Rfoor1136
| |
| James McIllece [MS] 2006-12-14, 1:37 am |
| "Rfoor1136" <rfoor1136@gmail.com> wrote in
news:1165936796.879511.264660@j72g2000cwa.googlegroups.com:
> Good Morning,
>
> I have been dealing with a strange issue. I have a wireless and
> Established Radius network. I have deployed PEAP with MSCHAP V2 and
> TKIP since May of 2006 successfully. We use IAS server and our own
> certificate server. All the servers are 2003 SP1 and the Access point
> are cisco 1100 series.
>
> All the current workstation on the wireless network work fine. Even if
> I remove and reconfigure the seting for the wireless profile they will
> connect no problems. I figure this eliminates just a simple password
> issue.
>
> However I have 3 new machines I need to add and they will not connect.
> The only error I get from the cards is that authentication has failed.
> When I view the IAS log it give me the error IAS_AUTH_Failure. I have
> confirmed these workstations have received a certificate from the
> server and the credendtials are correctly entered.
>
> I would really appreciate any and questions or comments to help me
> brainstorm through this issue.
>
> Have a great day,
>
> Rfoor1136
>
Are these domain member computers? If so, did you add them to the group of
computers to which you are granting wireless access in IAS remote access
policy?
Also check the dial-in properties of user accounts in AD -- is permission
set to Allow access or Control access through remote access policy?
You say the computers have the CA certificate in the Trusted Root
Certification Authority certificate store -- how did you enroll/install the
certificate? From a floppy, a CD, using the Web enrollment tool, or by
plugging the machine into the wired LAN and logging on (which is the
best/easiest way)? If the cert was moved somehow with drag and drop, it is
broken and will not work. If installing from floppy or CD you must import
the cert.
Also make sure clients have the correct wireless configuration -- are they
actually configured to authenticate with PEAP-MS-CHAP v2, and if so is the
wireless auto config service on by default with a startup type of
automatic?
--
James McIllece, Microsoft
Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers no rights.
|
|
|
|
|