Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 867
  • Last Modified:

Cisco 1130 and Radius 2008 R2 login rejected

Hello everybody,

I'm actually trying to put a simple authentification with the help of NPS. The communication between the wifi and server seem to be OK since i can see what's wrong in Wireshark and cisco logs.

The server get the RADIUS login request which seem to be fine for me. The problem is it answer with a "reject" and i don't know why. I already followed every tutorials on the web... (of course the secret pin is ok on both side)

There is the radius log on my cisco aironet :
Mar 11 15:52:00.304: RADIUS: Received from id 1645/68 192.168.1.10:1645, Access-Reject, len 44
Mar 11 15:52:00.304: RADIUS:  authenticator C5 B8 C2 7B 09 EB 8C AD - 60 72 14 00 0C 80 9F F9
Mar 11 15:52:00.304: RADIUS:  EAP-Message         [79]  6
Mar 11 15:52:00.304: RADIUS:   04 02 00 04                                      [????]
Mar 11 15:52:00.305: RADIUS:  Message-Authenticato[80]  18
Mar 11 15:52:00.305: RADIUS:   23 FC D1 36 29 AE 68 21 C8 06 85 43 06 10 00 E6  [#??6)?h!???C????]
Mar 11 15:52:00.305: RADIUS(00000076): Received from id 1645/68
Mar 11 15:52:00.305: RADIUS/DECODE: EAP-Message fragments, 4, total 4 bytes

Open in new window


Thanks !
0
Pierro951
Asked:
Pierro951
1 Solution
 
Darr247Commented:
> The server get the RADIUS login request which seem to be fine for me.
The problem is it answer with a "reject" and i don't know why
I would check the logs on the RADIUS server.

According to step 7 on
http://technet.microsoft.com/en-us/library/cc755248.aspx

If the connection attempt is both authenticated and authorized, the NPS server sends an Access-Accept message to the access server.

If the connection attempt is either not authenticated or not authorized, the NPS server sends an Access-Reject message to the access server.


So the connection attempt is either not passing authentication, or the authorization logic is false.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now