Setup RADIUS MS NPS and Cisco ESW 520

drreim
drreim used Ask the Experts™
on
I am trying to set up IAS with Cisco ESW 500 series switch.  I can see the ldap query in the event log and access is allowed but I receive:  Access was denied due to one of the following reasons:
 
1) There are too many users logged in
2) The specified user name and/or password is incorrect
3) Low privilege user(level 1-14)cannot access EWS

I have Cisco AV Pair with shell:priv-lvl=15 in the IAS policy.

Thanks in advance.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Are you sure, that a request from a client is matched against correct network policy?

take a look also here:
http://filedb.experts-exchange.com/incoming/2008/12_w51/87700/TA0001-Windows-2008-RADIUS-for-C.pdf
just to check that you have done everything correctly.

what kind of event number you have in eventviewer on NPS (custom views - server roles - network policy and accounting...)
for incorrect logons
Commented:
Thanks - I did use this document as the template.  I did have to Add condition: Client IPv4 Address 10\.0\.0\..+  to replace the Client Friendly Name and remove NAS-Port-Type Virtual(VPN).

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial