802.11x AUthentication failure?




I am trying to retrench an existing Windows 2003 Server configured for
802.11x. As far as I can tell, the new server is configured the same as the
old - with minor exceptions such as the Old has CertServices, the new does
not. The old has ISA 2000, the new has 2004 and is otherwise going ok. There
are no Denied connections in the ISA Logs. I have instlalled a copy of the
machine key for the machine being authenticated below into the cert store in
the new machine and using certservices I have loaded into the new DC all the
certificates that seem to be loadable. I can log on to the network while the
old server is offline.

If I change the radius server address in the WAP with the new server address
I get the following event log record:

Access request for user (e-mail address removed) was discarded.

Fully-Qualified-User-Name = ... my user name...

NAS-IP-Address =

NAS-Identifier = default

Called-Station-Identifier = <not present>

Calling-Station-Identifier = 00-0e-35-2b-7c-04

Client-Friendly-Name = Wireless Modem

Client-IP-Address =

NAS-Port-Type = Wireless - IEEE 802.11

NAS-Port = 0

Proxy-Policy-Name = Use Windows authentication for all users

Authentication-Provider = Windows

Authentication-Server = <undetermined>

Reason-Code = 9

Reason = The request was discarded by a third-party extension DLL file.


If the RAIDUS server IP is left pointing to the old server the wireless
connection succeeds ok. The failure is after Packet ID 10 is processed
during the client during Authentication (RASTLS.log file). I cannot see
anything that makes sense re: this error in any of the Trace files for RRAS.
After Packet ID 10, the client goes back to Validating Identity and gets
stuck there.

The config is: Windows 2003 Server with SP1, RRAS, IAS, ISA, MS Exchange.

Thanks in advance to anyone that can help.

- Tim

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question