Radius Server authenticates only some times

I set up a radius server on Windows 2003 server.  I am using 2 Cisco 4400 WLCs and lightweight Cisco 1242 APs.  I set up the Remote Access Policy to use computer authentication.  I can get it to work on a computer.  But on that computer that it is working on, it will only work for some users.  When it works, it authenticates by computer like it is supposed to.  But when it doesn't, it tries to authenticate by user, and then the error log says "The connection attempt did not match any remote access policy."  But if I log back in as the original user, it will authenticate correctly again.  The attached code shows the same computer trying to authenticate, but it does not work the same.  Any help would be greatly appreciated.  
----------Does't Work--------------

Event Type:	Warning
Event Source:	IAS
Event Category:	None
Event ID:	2
Date:		4/28/2010
Time:		7:07:16 AM
User:		N/A
Computer:	REDWAPP002
Description:
User NPPI-NET\RedwingIT was denied access.
 Fully-Qualified-User-Name = NPPI-NET\RedwingIT
 NAS-IP-Address = 10.1.200.100
 NAS-Identifier = REDWCTRL001
 Called-Station-Identifier = 00-21-D8-BF-EA-B0:Phil
 Calling-Station-Identifier = 00-15-E9-B7-F3-C4
 Client-Friendly-Name = REDWCTRL001
 Client-IP-Address = 10.1.200.100
 NAS-Port-Type = Wireless - IEEE 802.11
 NAS-Port = 29
 Proxy-Policy-Name = AD Authentication
 Authentication-Provider = Windows 
 Authentication-Server = <undetermined> 
 Policy-Name = <undetermined> 
 Authentication-Type = EAP
 EAP-Type = <undetermined> 
 Reason-Code = 48
 Reason = The connection attempt did not match any remote access policy. 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00               ....    


-------------Works fine--------------


Event Type:	Information
Event Source:	IAS
Event Category:	None
Event ID:	1
Date:		4/28/2010
Time:		7:02:38 AM
User:		N/A
Computer:	REDWAPP002
Description:
User host/RW500317.norwoodaustin.com was granted access.
 Fully-Qualified-User-Name = norwoodaustin.com/Red Wing/Red Wing Computers/RW500317
 NAS-IP-Address = 10.1.200.100
 NAS-Identifier = REDWCTRL001
 Client-Friendly-Name = REDWCTRL001
 Client-IP-Address = 10.1.200.100
 Calling-Station-Identifier = 00-15-E9-B7-F3-C4
 NAS-Port-Type = Wireless - IEEE 802.11
 NAS-Port = 29
 Proxy-Policy-Name = AD Authentication
 Authentication-Provider = Windows 
 Authentication-Server = <undetermined> 
 Policy-Name = Wireless Access Policy
 Authentication-Type = PEAP
 EAP-Type = Secured password (EAP-MSCHAP v2)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00

Open in new window

norwoodhelpdeskAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

HodepineCommented:
Looks like your users are in two different domains. The one that fails has NPPI-NET, while the other is norwoodaustin.com.

Are you trying to authenticate for a domain different than your AD?
0
Jakob DigranesSenior ConsultantCommented:
The thing with computer authentication with RADIUS is that it will authenticate computer before user authentication.  - or do you have only comnputer authentication?
You say that this is the same computer - but with different users?

Do the computer connect to the same AP?
ARe the different users in same or different OUs?
Do you see any other errors in the event viewer log?
Do the computer successfully connect before user logs on, and the fails when user have logged on? (User re-authentication)
do the users have different permissions to the computer?
how do you configure the wirelesss settings? During GPOs?
are you sure the wireless has enough time to connect before user connects?
Do you have user re-authentication on the wireless?

a lot of questions - look into these please, and let us know.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.