Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cisco 1130 and Radius 2008 R2 login rejected

Posted on 2012-03-11
1
Medium Priority
?
848 Views
Last Modified: 2012-06-27
Hello everybody,

I'm actually trying to put a simple authentification with the help of NPS. The communication between the wifi and server seem to be OK since i can see what's wrong in Wireshark and cisco logs.

The server get the RADIUS login request which seem to be fine for me. The problem is it answer with a "reject" and i don't know why. I already followed every tutorials on the web... (of course the secret pin is ok on both side)

There is the radius log on my cisco aironet :
Mar 11 15:52:00.304: RADIUS: Received from id 1645/68 192.168.1.10:1645, Access-Reject, len 44
Mar 11 15:52:00.304: RADIUS:  authenticator C5 B8 C2 7B 09 EB 8C AD - 60 72 14 00 0C 80 9F F9
Mar 11 15:52:00.304: RADIUS:  EAP-Message         [79]  6
Mar 11 15:52:00.304: RADIUS:   04 02 00 04                                      [????]
Mar 11 15:52:00.305: RADIUS:  Message-Authenticato[80]  18
Mar 11 15:52:00.305: RADIUS:   23 FC D1 36 29 AE 68 21 C8 06 85 43 06 10 00 E6  [#??6)?h!???C????]
Mar 11 15:52:00.305: RADIUS(00000076): Received from id 1645/68
Mar 11 15:52:00.305: RADIUS/DECODE: EAP-Message fragments, 4, total 4 bytes

Open in new window


Thanks !
0
Comment
Question by:Pierro951
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 44

Accepted Solution

by:
Darr247 earned 1500 total points
ID: 37708262
> The server get the RADIUS login request which seem to be fine for me.
The problem is it answer with a "reject" and i don't know why
I would check the logs on the RADIUS server.

According to step 7 on
http://technet.microsoft.com/en-us/library/cc755248.aspx

If the connection attempt is both authenticated and authorized, the NPS server sends an Access-Accept message to the access server.

If the connection attempt is either not authenticated or not authorized, the NPS server sends an Access-Reject message to the access server.


So the connection attempt is either not passing authentication, or the authorization logic is false.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
The Summer 2017 Scholarship Winners have been announced!
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question