[c-nsp] Wireless 802.1x authentication failures
Thomason, Simon
Simon.Thomason at racq.com.au
Tue Jun 14 03:03:57 EDT 2011
Are all the clients and server in sync with time? Just out of interest.
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Edward Iong
Sent: Tuesday, 14 June 2011 4:53 PM
To: engel.labiro at gmail.com
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Wireless 802.1x authentication failures
Hi there,
I have checked the cert is not expired
> CC: cisco-nsp at puck.nether.net
> From: engel.labiro at gmail.com
> Subject: Re: [c-nsp] Wireless 802.1x authentication failures
> Date: Tue, 14 Jun 2011 15:22:14 +0900
> To: edward_iong_ at hotmail.com
>
> You may want to eliminate several issues contributing to this problem. One thing to check is the expiration date of the certificate issued for MS ISA.
>
> HTH
>
> Sent from my iPhone
>
> On 2011/06/14, at 15:13, Edward Iong <edward_iong_ at hotmail.com> wrote:
>
> >
> > Dear All,
> >
> > We are using windows certificates for authenticate domain computers to connect wireless network.
> >
> > In previous, it is working. Everyone can access wireless network. But now no one can get access, we found in the MS ISA event Log, it has a warning message as below
> >
> >
> > Event Type: Warning
> > Event Source: IAS
> > Event Category: None
> > Event ID: 2
> > Date: 6/14/2011
> > Time: 1:16:37 PM
> > User: N/A
> > Computer: EDC-HKNT135
> > Description:
> > User host/BDNB00011.bd.ABC.com was denied access.
> > Fully-Qualified-User-Name = ABC\BDNB00011$
> > NAS-IP-Address = 10.XXX.XXX.51
> > NAS-Identifier = BDWLC1
> > Called-Station-Identifier = :xxx
> > Calling-Station-Identifier =
> > Client-Friendly-Name = BDWLC1
> > Client-IP-Address = 10.XXX.XXX.51
> > NAS-Port-Type = Wireless - IEEE 802.11
> > NAS-Port = 1
> > Proxy-Policy-Name = Use Windows authentication for all users
> > Authentication-Provider = Windows
> > Authentication-Server = <undetermined>
> > Policy-Name = <undetermined>
> > Authentication-Type = EAP
> > EAP-Type = <undetermined>
> > Reason-Code = 48
> > Reason = The connection attempt did not match any remote access policy.
> > For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
> > Data:
> > 0000: 00 00 00 00 ....
> >
> > Could anyone have any clues? or any suggestion for me to find out the issue come from?
> >
> >
> > Thanks and Regards,
> >
> >
> > Edward
> >
> >
> >
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Hot foot it to RACQ MotorFest at Eagle Farm Racecourse on 17 July and swoon over Queensland’s largest display of collectable vehicles. Visit www.racq.com/motorfest
Please Note: If you are not the intended recipient, please delete this email as its use is prohibited. RACQ does not warrant or represent that this email is free from viruses or defects. If you do not wish to receive any further commercial electronic messages from RACQ please e-mail unsubscribe at racq.com.au or contact RACQ on 13 19 05.
More information about the cisco-nsp
mailing list