[c-nsp] Wireless 802.1x authentication failures

Edward Iong edward_iong_ at hotmail.com
Tue Jun 14 02:53:16 EDT 2011


Hi there,
 
I have checked the cert is not expired
 
 
 

 
> CC: cisco-nsp at puck.nether.net
> From: engel.labiro at gmail.com
> Subject: Re: [c-nsp] Wireless 802.1x authentication failures
> Date: Tue, 14 Jun 2011 15:22:14 +0900
> To: edward_iong_ at hotmail.com
> 
> You may want to eliminate several issues contributing to this problem. One thing to check is the expiration date of the certificate issued for MS ISA.
> 
> HTH
> 
> Sent from my iPhone
> 
> On 2011/06/14, at 15:13, Edward Iong <edward_iong_ at hotmail.com> wrote:
> 
> > 
> > Dear All, 
> > 
> > We are using windows certificates for authenticate domain computers to connect wireless network.
> > 
> > In previous, it is working. Everyone can access wireless network. But now no one can get access, we found in the MS ISA event Log, it has a warning message as below
> > 
> > 
> > Event Type: Warning
> > Event Source: IAS
> > Event Category: None
> > Event ID: 2
> > Date: 6/14/2011
> > Time: 1:16:37 PM
> > User: N/A
> > Computer: EDC-HKNT135
> > Description:
> > User host/BDNB00011.bd.ABC.com was denied access.
> > Fully-Qualified-User-Name = ABC\BDNB00011$
> > NAS-IP-Address = 10.XXX.XXX.51
> > NAS-Identifier = BDWLC1
> > Called-Station-Identifier = :xxx
> > Calling-Station-Identifier = 
> > Client-Friendly-Name = BDWLC1
> > Client-IP-Address = 10.XXX.XXX.51
> > NAS-Port-Type = Wireless - IEEE 802.11
> > NAS-Port = 1
> > Proxy-Policy-Name = Use Windows authentication for all users
> > Authentication-Provider = Windows 
> > Authentication-Server = <undetermined> 
> > Policy-Name = <undetermined> 
> > Authentication-Type = EAP
> > EAP-Type = <undetermined> 
> > Reason-Code = 48
> > Reason = The connection attempt did not match any remote access policy. 
> > For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
> > Data:
> > 0000: 00 00 00 00 .... 
> > 
> > Could anyone have any clues? or any suggestion for me to find out the issue come from?
> > 
> > 
> > Thanks and Regards,
> > 
> > 
> > Edward
> > 
> > 
> > 
> > 
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
 		 	   		  


More information about the cisco-nsp mailing list