Solved

Cisco 1130 and Radius 2008 R2 login rejected

Posted on 2012-03-11
1
826 Views
Last Modified: 2012-06-27
Hello everybody,

I'm actually trying to put a simple authentification with the help of NPS. The communication between the wifi and server seem to be OK since i can see what's wrong in Wireshark and cisco logs.

The server get the RADIUS login request which seem to be fine for me. The problem is it answer with a "reject" and i don't know why. I already followed every tutorials on the web... (of course the secret pin is ok on both side)

There is the radius log on my cisco aironet :
Mar 11 15:52:00.304: RADIUS: Received from id 1645/68 192.168.1.10:1645, Access-Reject, len 44
Mar 11 15:52:00.304: RADIUS:  authenticator C5 B8 C2 7B 09 EB 8C AD - 60 72 14 00 0C 80 9F F9
Mar 11 15:52:00.304: RADIUS:  EAP-Message         [79]  6
Mar 11 15:52:00.304: RADIUS:   04 02 00 04                                      [????]
Mar 11 15:52:00.305: RADIUS:  Message-Authenticato[80]  18
Mar 11 15:52:00.305: RADIUS:   23 FC D1 36 29 AE 68 21 C8 06 85 43 06 10 00 E6  [#??6)?h!???C????]
Mar 11 15:52:00.305: RADIUS(00000076): Received from id 1645/68
Mar 11 15:52:00.305: RADIUS/DECODE: EAP-Message fragments, 4, total 4 bytes

Open in new window


Thanks !
0
Comment
Question by:Pierro951
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 44

Accepted Solution

by:
Darr247 earned 500 total points
ID: 37708262
> The server get the RADIUS login request which seem to be fine for me.
The problem is it answer with a "reject" and i don't know why
I would check the logs on the RADIUS server.

According to step 7 on
http://technet.microsoft.com/en-us/library/cc755248.aspx

If the connection attempt is both authenticated and authorized, the NPS server sends an Access-Accept message to the access server.

If the connection attempt is either not authenticated or not authorized, the NPS server sends an Access-Reject message to the access server.


So the connection attempt is either not passing authentication, or the authorization logic is false.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question