WPA2 Enterprise - Validating Identity


Solution 1

Heh heh... I set up exactly what you're describing with that very AP earlier this week for a Customer.

  • RADIUS Standard works fine for that AP.
  • To rule out the certificate validation, uncheck the "Validate Server Certificate" setting in the PEAP properties on the client at least temporarily.
  • Be sure that IAS is starting and running. I've seen problems with IAS and the need to set "ReservedPorts" since the Kaminsky DNS update. See http://support.microsoft.com/kb/956189 for details.
  • Are you seeing the authentication requests coming in from the AP in the server's event log? If not, throw "Network Monitor" on the server (or Wireshark if you're so inclined) and sniff the traffic between the server and the AP.

On a couple of occasions I've seen that particular AP (don't know what firmware) suddenly stop attempting to authenticate clients (it never sends any RADIUS requests) and power-cycling the AP "fixes" the issue. I suspect a firmware upgrade probably fixes that behaviour.
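An added example, not part of the original answer: a small Python parser for the RADIUS payloads (RFC 2865) you would see when sniffing between the AP and the IAS server, reporting whether an Access-Request arrived, which AP sent it, and whether the User-Name is a computer or a user identity. It assumes Windows machine authentication presents the identity as `host/<fqdn>`; the function names, host names and sample packets are constructed for illustration.

```python
import struct

# RADIUS packet codes and attribute types from RFC 2865 / RFC 3579
CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject", 11: "Access-Challenge"}
ATTR_USER_NAME, ATTR_NAS_IP, ATTR_EAP_MESSAGE = 1, 4, 79

def parse_radius(payload: bytes) -> dict:
    """Parse one RADIUS UDP payload: 20-byte header, then type/length/value attributes."""
    if len(payload) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", payload[:4])
    if length < 20 or length > len(payload):
        raise ValueError("length field does not match the captured payload")
    attrs, pos = {}, 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = payload[pos], payload[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        attrs.setdefault(atype, []).append(payload[pos + 2:pos + alen])
        pos += alen
    user = attrs.get(ATTR_USER_NAME, [b""])[0].decode("utf-8", "replace")
    nas = attrs.get(ATTR_NAS_IP)
    return {
        "code": CODES.get(code, f"code {code}"),
        "id": ident,
        "user_name": user,
        # Assumption: Windows computer credentials appear as host/<fqdn>
        "identity_kind": "computer" if user.lower().startswith("host/") else "user" if user else "none",
        "nas_ip": ".".join(str(b) for b in nas[0]) if nas and len(nas[0]) == 4 else None,
        "has_eap": ATTR_EAP_MESSAGE in attrs,  # PEAP traffic carries EAP-Message
    }

def build_sample(code, ident, user, nas_ip):
    """Constructed sample packet (not a real capture); the authenticator is zeroed."""
    body = bytes([ATTR_USER_NAME, 2 + len(user)]) + user
    body += bytes([ATTR_NAS_IP, 6]) + bytes(nas_ip)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + bytes(16) + body

if __name__ == "__main__":
    for pkt in (build_sample(1, 7, b"host/laptop01.example.local", (192, 0, 2, 10)),
                build_sample(1, 8, b"EXAMPLE\\jdoe", (192, 0, 2, 10))):
        print(parse_radius(pkt))
```

If no Access-Request from the AP's address shows up at all, the problem is upstream of IAS; if requests arrive and are rejected, compare the identity kind against the groups named in the remote access policy.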

Solution 2

I'd start by reviewing the event logs on your IAS server for reasoning as to why it's not authenticating your client. I've found the logs to be quite helpful in determining where along the bases your authentication is getting hung up (client -> AP -> IAS).

Author by

silvesthu


Updated on September 17, 2022

Comments

  • silvesthu
    silvesthu almost 2 years

    I cannot get WPA2 enterprise to work on my network. I will give you an overview of the current setup.

    Windows Domain, using IAS and its own CA

    Linksys WAP200 Access Point

    I set up the AP to use WPA2-Enterprise Mixed using RADIUS. I set up and registered IAS on the domain controller. I added the AP as a client with and have tried using both RADIUS Standard and Cisco as the RADIUS type.

    I configured the IAS policy to grant access to Domain Computers, Authentication is set to PEAP and uses a private cert issued by our CA, the other profile settings are all default.

    The client settings on the laptop match the IAS settings and the certificate is definitely installed. WPA2 is supported as I can connect to WPA2 personal APs. I have tried multiple laptops.

    During the connection it flashes that it "connected" for a second then goes to "Validating Identity" which it eventually times out on. I am using the Windows Wireless Connection Manager.

    Any help would be very appreciated!

  • silvesthu
    silvesthu almost 15 years
    I checked the IAS log files and was getting "No Policy Match" error. I switched from Domain computer to Domain Users and it worked. Now I just need to figure out why... Any ideas?
  • Spence
    Spence almost 15 years
    An obvious question: Do you have the client computer set up to authenticate using the computer account when user credentials aren't available?
  • Spence
    Spence almost 15 years
    Woah there-- I'm having an "idiot moment". If you want to accept both computer credentials and user credentials you'll need to name both "Domain Computers" and "Domain Users" in your policy. By default, XP will re-authenticate with the user credential after the user logs on (there is no way to do computer-only with XP, I believe).