PKI - Wireless Clients Unable to Logon due to unavailable revocation server
Posted on 2011-09-12
I am having issues connecting my wireless laptops to the network.
This is the error message that I get on my IAS server:
User host/Laptop1.abc.com was denied access.
Fully-Qualified-User-Name = abc.com/Workstation Accounts/Secured Notebooks/Laptop1
NAS-IP-Address = x.x.x.x
NAS-Identifier = x.x.x.x
Called-Station-Identifier = A.B.C.D
Calling-Station-Identifier = A.B.C.D
Client-Friendly-Name = WIRELESS
Client-IP-Address = x.x.x.x
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = 2
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = WIRELESS
Authentication-Type = EAP
EAP-Type = Smart Card or other certificate
Reason-Code = 259
Reason = The revocation function was unable to check revocation because the revocation server was offline.
I have restarted the IAS server and tested that I can get get to IASServer\certsrv. This works fine.
I installed this patch from Microsoft to resolve an schannel issue - WindowsServer2003-KB933430-x86-ENU.exe on the IAS server. This patch resolved the schannel issue but moved on to the error listed above.
Your assistance is greatly appreciated.