Solved: Re: Wireless authentcation failed

MAK6 · ‎08-21-2022

Hello,

We are using radius server win server 2019 ,facing an issue while sending a radius authentication request from wireless Cisco 3800 to radius server below log showing on event viewer

Level Date and Time Source Event ID Task Category
Information 8/21/2022 4:05:00 PM Microsoft-Windows-Security-Auditing 6273 Network Policy Server "Network Policy Server denied access to a user.

Contact the Network Policy Server administrator for more information.

User:
Security ID: NULL SID
Account Name:
Account Domain: xxx
Fully Qualified Account Name: xxx

Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
Called Station Identifier:
Calling Station Identifier: xxxx

NAS:
NAS IPv4 Address: xxxx
NAS IPv6 Address: -
NAS Identifier: xxxx
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 1

RADIUS Client:
Client Friendly Name: xxxx
Client IP Address: xxxx

Authentication Details:
Connection Request Policy Name: Secure Wireless Connections
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: xxxx
Authentication Type: PAP
EAP Type: -
Account Session Identifier: 36333032326437632F30303A31313A32323A33333A34343A35352F3332333835
Logging Results: Accounting information was written to the local log file.
Reason Code: 16
Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
"

HIDE20 · ‎08-22-2022

Hi,

Take a look at this:

Authentication Details:
Connection Request Policy Name: Secure Wireless Connections
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: xxxx
Authentication Type: PAP

Is using PAP protocol for authentication . Allow PAP in win server and try again:

View solution in original post

ammahend · ‎08-21-2022

Seems like everything is working and user is getting denied because of mismatched credentials. Are you sure you are using correct credentials ? And your supplicant is configured correctly for whatever eap method you are using.

-hope this helps-

MAK6 · ‎08-21-2022

Hello ammahend

Well i checked the credentials many times its look fine ,let me share the picture of supplicant defined method in win server

Regards

ammahend · ‎08-21-2022

I don’t see any picture, can you share supplicant config (client side) as well, I can tell if it’s configured correctly.

-hope this helps-

MAK6 · ‎08-22-2022

HIDE20 · ‎08-22-2022

Hi,

Take a look at this:

Authentication Details:
Connection Request Policy Name: Secure Wireless Connections
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: xxxx
Authentication Type: PAP

Is using PAP protocol for authentication . Allow PAP in win server and try again:

MAK6 · ‎08-22-2022

Hello,

Same error getting after enabling pap even.

HIDE20 · ‎08-22-2022

I think you have some missing config in your deployment. Take a look at this link NPS, Wireless LAN Controllers, and Wireless Networks Configuration Example - Cisco and check your config. If you see that everything is fine ,reply the post with a debug client and a debug aaa command on the WLC and i will try to help you (debug client "mac-address" and debug aaa enable) . After that don`t forget to undebug all .

Regards

MAK6 · ‎08-22-2022

Wireless authentcation failed

Cisco Wireless - How To

SEG: Validation Error : Certificates signature verification failed

WLC failed to find ifIndex!

Doc - Dominando la Configuración y Gestión de redes Wireless con Catalyst Center

Como configurar uma rede wireless no Cisco Packet Tracer