Hi,

I'm having trouble setting up an AP541N cluster with Windows 2008R2 NPS as radius server which is a member server in AD. The problem is the EAP type since I keep getting this error message: "The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server."

The actual eventlog says:

....

- EventData

  SubjectUserSid S-1-0-0

  SubjectUserName xxxxxx

  SubjectDomainName XXXXXXXX

  FullyQualifiedSubjectUserName XXXXXXXX\xxxxxxxx

  SubjectMachineSID S-1-0-0

  SubjectMachineName -

  FullyQualifiedSubjectMachineName -

  MachineInventory -

  CalledStationID 00-21-29-06-EB-60:apams

  CallingStationID 48-5D-60-00-06-7B

  NASIPv4Address 10.65.0.57

  NASIPv6Address -

  NASIdentifier -

  NASPortType Wireless - IEEE 802.11

  NASPort 0

  ClientName apams2

  ClientIPAddress 10.65.0.57

  ProxyPolicyName Use Windows authentication for all users

  NetworkPolicyName -

  AuthenticationProvider Windows

  AuthenticationServer xxxxxxx.xxxxxxxx.xxxxxxxx

  AuthenticationType -

  EAPType -

  AccountSessionIdentifier -

  ReasonCode 22

  Reason The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.

I tried all the different settings but the error persists.

Below a sample from a sniffer dump.

  Frame: Number = 28, Captured Frame Length = 199, MediaType = ETHERNET

+ Ethernet: Etype = Internet IP (IPv4),DestinationAddress:[00-50-56-BF-5A-1A],SourceAddress:[00-0F-90-53-9A-5F]

+ Ipv4: Src = 10.65.0.57, Dest = 10.64.2.25, Next Protocol = UDP, Packet ID = 60685, Total IP Length = 185

+ Udp: SrcPort = 32771, DstPort = 1812, Length = 165

- Radius: Access Request, Id = 0, Length = 157

    MessageType: Access Request, 1(0x01)

    Identifier: 0 (0x0)

    AllLength: 157 (0x9D)

    Authenticator: 4D 4F D9 41  20 B4 4E 12  07 A8 38 25  48 22 C6 15

  - AttributeUserName: xxxxxxxx

     Type: User Name, 1(0x1)

     Length: 10 (0xA)

     UserName: xxxxxxxx

  - AttributeNasIPAddress: 10.65.0.57

     Type: NAS IP Address, 4(0x4)

     Length: 6 (0x6)

     NasIPAddress: 10.65.0.57

  - AttributeNasPort: 0

     Type: NAS Port, 5(0x5)

     Length: 6 (0x6)

     NasPort: 0 (0x0)

  - AttributeCalledStationID: 00-21-29-06-EB-60:apams

     Type: Called Station Id, 30(0x1e)

     Length: 28 (0x1C)

     CalledStationID: 00-21-29-06-EB-60:apams

  - AttributeStationID: 48-5D-60-00-06-7B

     Type: Calling Station Id, 31(0x1f)

     Length: 19 (0x13)

     CallingStationID: 48-5D-60-00-06-7B

  - AttributeFramedMTU: 1400

     Type: Framed MTU, 12(0xc)

     Length: 6 (0x6)

     FramedMTU: 1400 (0x578)

  - AttributeRadiusNASPortType: Wireless - IEEE 802.11, 19(0x13)

     Type: NAS Port Type, 61(0x3d)

     Length: 6 (0x6)

     NASPortType: Wireless - IEEE 802.11, 19(0x13)

  - AttributeConnectInfo:

     Type: Connect Info, 77(0x4d)

     Length: 23 (0x17)

     ConnectInfo: Binary Large Object (21 Bytes)

  - AttributeEAPMessage:

     Type: EAP Message, 79(0x4f)

     Length: 15 (0xF)

  - AttributeMessageAuthenticator:

     Type: Message Authenticator, 80(0x50)

     Length: 18 (0x12)

     MessageAuthenticator: Binary Large Object (16 Bytes)

- EAPMessage: Response, Type = Identity

    Code: Response, 2(0x2)

    Identifier: 0 (0x0)

    Length: 13 bytes

    Type: Identity, 1(0x1)

    IdentityData: xxxxxxxx

The AP541N does have all the default settings. Basically WPA2 Enterprise with fast reconnect.

Microsoft NPS has a self signed certificate. I have tried EAP-MSCHAP v2 and Microsoft EAP (PEAP) with the certificate selected but with no result.

I have read the different posts here and I see that it should work. Maybe someone is so kind to post the configs used for the AP541N and NPS.

Thanks for any reaction.