Radius Server - Evenit-ID 2

Author

Evenit-ID 2

Ron

2006-09-03, 1:21 pm

I am receiving Event-ID 2 that is filling up the security log.
The users have access in AD (allow dial-in access)and they are getting
authtenticated. I am using PEAP on cisco 1220 AP. The radius server is
running on a Windows 2000 server. Thanks

User <username> was denied access.
Fully-Qualified-User-Name = <domain>/<OU or container>/<username>
NAS-IP-Address = <ip address>
NAS-Identifier = <not present>
Called-Station-Identifier = <not present>
Calling-Station-Identifier = <ip address>
Client-Friendly-Name = <IAS Client name>
Client-IP-Address = <ip address>
NAS-Port-Type = Virtual
NAS-Port = 131
Policy-Name = Wireless lan
Authentication-Type = PEAP
EAP-Type = <undetermined>
Reason-Code = 66
Reason = user does not have dial in access

Eric J.

2006-09-06, 7:48 pm

Hi Ron,

try to add the attribute "ignore dial-in user properties" in your IAS.
Maybe this will help.

Greetz Eric

Ron schrieb:

> I am receiving Event-ID 2 that is filling up the security log.
> The users have access in AD (allow dial-in access)and they are getting
> authtenticated. I am using PEAP on cisco 1220 AP. The radius server is
> running on a Windows 2000 server. Thanks
>
> User <username> was denied access.
> Fully-Qualified-User-Name = <domain>/<OU or container>/<username>
> NAS-IP-Address = <ip address>
> NAS-Identifier = <not present>
> Called-Station-Identifier = <not present>
> Calling-Station-Identifier = <ip address>
> Client-Friendly-Name = <IAS Client name>
> Client-IP-Address = <ip address>
> NAS-Port-Type = Virtual
> NAS-Port = 131
> Policy-Name = Wireless lan
> Authentication-Type = PEAP
> EAP-Type = <undetermined>
> Reason-Code = 66
> Reason = user does not have dial in access