Solved

Testing aruba controller AAA test server with NPS 2008 successful, but windows 7 fails to connect to SSID

Posted on 2013-06-11
7
1,317 Views
Last Modified: 2013-06-11
Dear All,
 
I have installed NPS on windows server 2008 R2. setup network policies. I also setup radius server on the Aruba controller, and when I use the Diagnositics>AAA test server with a user name and password I get authentication successful, also I can see it in the logs on NPS. but when I try to connect to the SSID I can't and I get this error on NPS:
"Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect."
 
I checked every post available, followed every setup but I can't make it work. the only post i saw that had a solution to a similar problem I had, the user just installed NPS on a different server with basic configuration and it works. problem is I just installed NPS and another server is not an option.
 
I am using protected EAP with MS-CHAP-V2. im not interensted in having certificates for now, cause im week in them.
 
any help would be highly appreciated.
0
Comment
Question by:matfme
  • 5
  • 2
7 Comments
 
LVL 21

Accepted Solution

by:
Jakob Digranes earned 200 total points
ID: 39237392
Are you using machine or user authentication?
that is - in Network Policies in NPS - the group limiting access - is it a user group, machine group or both?

WIndows 7 often select Machine authentication automatically if you do not set it to user
0
 

Author Comment

by:matfme
ID: 39237405
In NPS - under conditions I have added a windows group domain users. I also added Domain computers once and removed it but it didn't work.

how to setup windows 7 to take user authentication, because take a look at the log:
User:
      Security ID:                  NULL SID
      Account Name:                  host/IT_Security.domain.com
      Account Domain:                  domain
      Fully Qualified Account Name:      domain\IT_SECURITY$

I think it is trying machine authentication, althought I added a domain computers group to network policy it wasn't working.
0
 

Author Comment

by:matfme
ID: 39237456
I checked the option to use user authentication, now the logs on NPS are showing granted full access but I cannot connect to wireless network, strange
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 21

Expert Comment

by:Jakob Digranes
ID: 39237470
What roles are you given in Aruba? Have the client got an IP-Address?
With 802.1X authentication; you won't get an IP-address until AFTER authentication, and if DHCP or VLANs aren't working - you won't get an address ...

go to monitoring - clients and see What role you've got
0
 

Author Comment

by:matfme
ID: 39240086
i just needed to restart my computer, my wireless card was problematic. it is working now.
0
 

Author Closing Comment

by:matfme
ID: 39240090
windows was sending machine authentication, which radius didn't know how to deal with, because eap mschap v2 is set. i changed an option on the wireless configuration on the client side and it is working fine.
0
 

Author Comment

by:matfme
ID: 39240091
thanks a lot, I appreciate the help. :)
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2010, outlook 2010 and outlook 2007 7 37
I/E toolbars 7 29
Send data from a cell phone to a pc 5 48
Exchange 2013 CU6 to CU7 4 37
Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Many admins will agree: WSUS is is a nice invention but using it on the client side when updating a newly installed computer is still time consuming as you have to do several reboots and furthermore, the procedure of installing updates, rebooting an…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

806 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question