08-06-2013 11:38 AM - edited 07-04-2021 12:36 AM
I setup NPS server and added a RADIUS Client access point, my project is to get a wireless user to authenticate using his/her AD credientials, my problem is i can't seem to authenticate my user
my NPS server is giving me this error log under Event Viewer > Server Logs > Network Policy and Access Services
Reason: The RADIUS request did not match any configured connection request policy (CRP).
but from my understanding i don't need to setup Connection Request Policies because i am using Network Policy
Please Help!
08-06-2013 12:56 PM
Hello,
As per your query i can suggest you the following solution-
The default connection request policy is the only configured policy. In this example, NPS is configured as a RADIUS server and all connection requests are processed by the local NPS server. The NPS server can authenticate and authorize users whose accounts are in the domain of the NPS server domain and in trusted domains.
Hope this will help you.
08-09-2013 07:26 AM
thanks for your reply, i setup a new NPS policy here is my error log
----------------------------------------------------------------------------------------------------------------------------------------
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: csdomain\rsingh
Account Domain: csdomain
Fully Qualified Account Name: csdomain\rsingh
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 0026.992f.6761
Calling Station Identifier: 2477.0392.b0f8
NAS:
NAS IPv4 Address: 192.50.2.2
NAS IPv6 Address: -
NAS Identifier: MYWAP
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 35290
RADIUS Client:
Client Friendly Name: MYWAP
Client IP Address: 192.50.2.2
Authentication Details:
Connection Request Policy Name: PEAP
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: MYSERVER.csdomain.com
Authentication Type: EAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 22
Reason: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.
08-09-2013 10:18 AM
It hitting your policy PEAP, but how is that setup?
Sent from Cisco Technical Support iPhone App
08-09-2013 10:26 AM
here are the snapshots of what my policy looks like
08-09-2013 10:28 AM
also here is a look at my AP
08-09-2013 10:29 AM
On your 3rd screenshot you should disable the last two checkbox and also click edit so I can see how you have that setup.
Sent from Cisco Technical Support iPhone App
08-09-2013 10:35 AM
here you go...
08-09-2013 10:40 AM
You need the first two checkbox enabled. You had the first 4. You have a certificate loaded on the radius server.
Sent from Cisco Technical Support iPhone App
08-09-2013 10:42 AM
What other options do you have besides EAP secure password.
Sent from Cisco Technical Support iPhone App
08-09-2013 10:46 AM
i created a local certificate...
08-09-2013 11:01 AM
Might just be the certificate your using then.
Sent from Cisco Technical Support iPhone App
08-09-2013 11:02 AM
i also have a certificate that was issued by Godaddy however i got the same errors
08-09-2013 11:10 AM
Make sure your client isn't validating a server cert. test with this and see if they connect. If they can't, it's got to be the cert.
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide