?
Solved

IAS Event ID 2 with reason-code 262

Posted on 2008-10-13
1
Medium Priority
?
3,685 Views
Last Modified: 2013-11-09
We have 3 wireless on one Cisco 1300 AP. One is for public without any security settings. The second wireless uses WPA for student and 3rd wireless uses WPA-Enterprise for LAN users.  It has been work for over two years without any issues. This weekend, the LAN wireless doesn't work (public and student work without any problems). I am not sure it is related, but we just installed two windows 2008 DCs replacing windows 2000 DCs recently. I haven't removed the two windows 2000 DCs from the network. We just disable one of 2000 DCs for the test. Every thing works except the LAN wireless.

Our IAS running on one of windows 2003 server has correct DNS settings (pointing to windows 2008 DC/DNS) and nslookup doesn't show any errors. The following are the event log and IAS log. How do you troubleshoot it?

Event Type: Warning
Event Source: IAS
Event Category: None
Event ID: 2
Date:  10/13/2008
Time:  11:50:47 AM
User:  N/A
Computer: DEVICES1
Description:
User NTDOMAIN\BLin was denied access.
 Fully-Qualified-User-Name = domainname.org/Users/Bob Lin
 NAS-IP-Address = 10.0.30.71
 NAS-Identifier = Admin_IP71
 Called-Station-Identifier = 0019.306a.e160
 Calling-Station-Identifier = 001c.bf9a.8774
 Client-Friendly-Name = ABAP1310IP71
 Client-IP-Address = 10.0.30.71
 NAS-Port-Type = Wireless - IEEE 802.11
 NAS-Port = 1850
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows
 Authentication-Server = <undetermined>
 Policy-Name = CBG-All
 Authentication-Type = PEAP
 EAP-Type = <undetermined>
 Reason-Code = 262
 Reason = The supplied message is incomplete.  The signature was not verified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 18 03 09 80               ...€    

IAS log
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,11:46:21,IAS,DEVICES1,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1848,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4128,ABAP1310IP71,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14271,4129,NTDOMAIN\CBG002330$,4130,NTDOMAIN\CBG002330$,4127,5,4136,1,4142,0
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,11:46:21,IAS,DEVICES1,25,311 1 10.0.0.12 03/06/2008 03:43:51 14271,4127,5,4130,NTDOMAIN\CBG002330$,4129,NTDOMAIN\CBG002330$,4154,Use Windows authentication for all users,4155,1,4128,ABAP1310IP71,4116,0,4108,10.0.30.71,4136,3,4142,48
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,11:46:26,IAS,DEVICES1,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1849,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4128,ABAP1310IP71,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14272,4129,NTDOMAIN\CBG002330$,4130,NTDOMAIN\CBG002330$,4127,5,4136,1,4142,0
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,11:46:26,IAS,DEVICES1,25,311 1 10.0.0.12 03/06/2008 03:43:51 14272,4127,5,4130,NTDOMAIN\CBG002330$,4129,NTDOMAIN\CBG002330$,4154,Use Windows authentication for all users,4155,1,4128,ABAP1310IP71,4116,0,4108,10.0.30.71,4136,3,4142,48
10.0.30.71,NTDOMAIN\BLin,10/13/2008,11:50:47,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1850,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14277,4129,NTDOMAIN\BLin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\BLin,10/13/2008,11:50:47,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14277,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\BLin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,12:26:45,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1853,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14287,4129,NTDOMAIN\CBG002330$,4149,wireless,4132,Secured password (EAP-MSCHAP v2),4127,11,4130,domainname.org/Computers/CBG002330,4136,1,4142,0
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,12:26:45,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14287,4132,Secured password (EAP-MSCHAP v2),4127,11,8100,0,4108,10.0.30.71,4116,0,4120,0x014E54444F4D4149,4155,1,4154,Use Windows authentication for all users,4129,NTDOMAIN\CBG002330$,4149,wireless,6,1,4130,domainname.org/Computers/CBG002330,4136,2,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:54,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,8,61,19,5,1853,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14292,4129,NTDOMAIN\blin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:54,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14292,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\blin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:56,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1854,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14297,4129,NTDOMAIN\blin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:56,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14297,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\blin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:56,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1855,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14302,4129,NTDOMAIN\blin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:56,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14302,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\blin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:29:34,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1856,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14309,4129,NTDOMAIN\blin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:29:34,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14309,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\blin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
0
Comment
Question by:blin2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 750 total points
ID: 22714066
As described in KB, this occur when IAS is Windows Server 2003 and trusted root CA certificate isn't installed on the clients. http://support.microsoft.com/kb/838502
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This program is used to assist in finding and resolving common problems with wireless connections.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question