Solved

IAS Event ID 2 with reason-code 262

Posted on 2008-10-13
1
3,654 Views
Last Modified: 2013-11-09
We have 3 wireless on one Cisco 1300 AP. One is for public without any security settings. The second wireless uses WPA for student and 3rd wireless uses WPA-Enterprise for LAN users.  It has been work for over two years without any issues. This weekend, the LAN wireless doesn't work (public and student work without any problems). I am not sure it is related, but we just installed two windows 2008 DCs replacing windows 2000 DCs recently. I haven't removed the two windows 2000 DCs from the network. We just disable one of 2000 DCs for the test. Every thing works except the LAN wireless.

Our IAS running on one of windows 2003 server has correct DNS settings (pointing to windows 2008 DC/DNS) and nslookup doesn't show any errors. The following are the event log and IAS log. How do you troubleshoot it?

Event Type: Warning
Event Source: IAS
Event Category: None
Event ID: 2
Date:  10/13/2008
Time:  11:50:47 AM
User:  N/A
Computer: DEVICES1
Description:
User NTDOMAIN\BLin was denied access.
 Fully-Qualified-User-Name = domainname.org/Users/Bob Lin
 NAS-IP-Address = 10.0.30.71
 NAS-Identifier = Admin_IP71
 Called-Station-Identifier = 0019.306a.e160
 Calling-Station-Identifier = 001c.bf9a.8774
 Client-Friendly-Name = ABAP1310IP71
 Client-IP-Address = 10.0.30.71
 NAS-Port-Type = Wireless - IEEE 802.11
 NAS-Port = 1850
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows
 Authentication-Server = <undetermined>
 Policy-Name = CBG-All
 Authentication-Type = PEAP
 EAP-Type = <undetermined>
 Reason-Code = 262
 Reason = The supplied message is incomplete.  The signature was not verified.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 18 03 09 80               ...€    

IAS log
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,11:46:21,IAS,DEVICES1,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1848,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4128,ABAP1310IP71,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14271,4129,NTDOMAIN\CBG002330$,4130,NTDOMAIN\CBG002330$,4127,5,4136,1,4142,0
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,11:46:21,IAS,DEVICES1,25,311 1 10.0.0.12 03/06/2008 03:43:51 14271,4127,5,4130,NTDOMAIN\CBG002330$,4129,NTDOMAIN\CBG002330$,4154,Use Windows authentication for all users,4155,1,4128,ABAP1310IP71,4116,0,4108,10.0.30.71,4136,3,4142,48
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,11:46:26,IAS,DEVICES1,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1849,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4128,ABAP1310IP71,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14272,4129,NTDOMAIN\CBG002330$,4130,NTDOMAIN\CBG002330$,4127,5,4136,1,4142,0
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,11:46:26,IAS,DEVICES1,25,311 1 10.0.0.12 03/06/2008 03:43:51 14272,4127,5,4130,NTDOMAIN\CBG002330$,4129,NTDOMAIN\CBG002330$,4154,Use Windows authentication for all users,4155,1,4128,ABAP1310IP71,4116,0,4108,10.0.30.71,4136,3,4142,48
10.0.30.71,NTDOMAIN\BLin,10/13/2008,11:50:47,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1850,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14277,4129,NTDOMAIN\BLin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\BLin,10/13/2008,11:50:47,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14277,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\BLin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,12:26:45,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1853,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14287,4129,NTDOMAIN\CBG002330$,4149,wireless,4132,Secured password (EAP-MSCHAP v2),4127,11,4130,domainname.org/Computers/CBG002330,4136,1,4142,0
10.0.30.71,host/CBG002330.domainname.org,10/13/2008,12:26:45,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14287,4132,Secured password (EAP-MSCHAP v2),4127,11,8100,0,4108,10.0.30.71,4116,0,4120,0x014E54444F4D4149,4155,1,4154,Use Windows authentication for all users,4129,NTDOMAIN\CBG002330$,4149,wireless,6,1,4130,domainname.org/Computers/CBG002330,4136,2,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:54,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,8,61,19,5,1853,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14292,4129,NTDOMAIN\blin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:54,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14292,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\blin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:56,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1854,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14297,4129,NTDOMAIN\blin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:56,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14297,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\blin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:56,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1855,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14302,4129,NTDOMAIN\blin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:28:56,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14302,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\blin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:29:34,IAS,DEVICES1,4128,ABAP1310IP71,12,1400,30,0019.306a.e160,31,001c.bf9a.8774,6,1,61,19,5,1856,4,10.0.30.71,32,Admin_IP71,4108,10.0.30.71,4116,0,4155,1,4154,Use Windows authentication for all users,25,311 1 10.0.0.12 03/06/2008 03:43:51 14309,4129,NTDOMAIN\blin,4149,CBG-All,4127,11,4130,domainname.org/Users/Bob Lin,4136,1,4142,0
10.0.30.71,NTDOMAIN\blin,10/13/2008,12:29:34,IAS,DEVICES1,4128,ABAP1310IP71,25,311 1 10.0.0.12 03/06/2008 03:43:51 14309,4127,11,4130,domainname.org/Users/Bob Lin,4149,CBG-All,4129,NTDOMAIN\blin,4154,Use Windows authentication for all users,4108,10.0.30.71,4116,0,4155,1,4136,3,4142,262
0
Comment
Question by:blin2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 250 total points
ID: 22714066
As described in KB, this occur when IAS is Windows Server 2003 and trusted root CA certificate isn't installed on the clients. http://support.microsoft.com/kb/838502
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question