Solved

Testing aruba controller AAA test server with NPS 2008 successful, but windows 7 fails to connect to SSID

Posted on 2013-06-11
7
1,355 Views
Last Modified: 2013-06-11
Dear All,
 
I have installed NPS on windows server 2008 R2. setup network policies. I also setup radius server on the Aruba controller, and when I use the Diagnositics>AAA test server with a user name and password I get authentication successful, also I can see it in the logs on NPS. but when I try to connect to the SSID I can't and I get this error on NPS:
"Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect."
 
I checked every post available, followed every setup but I can't make it work. the only post i saw that had a solution to a similar problem I had, the user just installed NPS on a different server with basic configuration and it works. problem is I just installed NPS and another server is not an option.
 
I am using protected EAP with MS-CHAP-V2. im not interensted in having certificates for now, cause im week in them.
 
any help would be highly appreciated.
0
Comment
Question by:matfme
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
7 Comments
 
LVL 22

Accepted Solution

by:
Jakob Digranes earned 200 total points
ID: 39237392
Are you using machine or user authentication?
that is - in Network Policies in NPS - the group limiting access - is it a user group, machine group or both?

WIndows 7 often select Machine authentication automatically if you do not set it to user
0
 

Author Comment

by:matfme
ID: 39237405
In NPS - under conditions I have added a windows group domain users. I also added Domain computers once and removed it but it didn't work.

how to setup windows 7 to take user authentication, because take a look at the log:
User:
      Security ID:                  NULL SID
      Account Name:                  host/IT_Security.domain.com
      Account Domain:                  domain
      Fully Qualified Account Name:      domain\IT_SECURITY$

I think it is trying machine authentication, althought I added a domain computers group to network policy it wasn't working.
0
 

Author Comment

by:matfme
ID: 39237456
I checked the option to use user authentication, now the logs on NPS are showing granted full access but I cannot connect to wireless network, strange
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 22

Expert Comment

by:Jakob Digranes
ID: 39237470
What roles are you given in Aruba? Have the client got an IP-Address?
With 802.1X authentication; you won't get an IP-address until AFTER authentication, and if DHCP or VLANs aren't working - you won't get an address ...

go to monitoring - clients and see What role you've got
0
 

Author Comment

by:matfme
ID: 39240086
i just needed to restart my computer, my wireless card was problematic. it is working now.
0
 

Author Closing Comment

by:matfme
ID: 39240090
windows was sending machine authentication, which radius didn't know how to deal with, because eap mschap v2 is set. i changed an option on the wireless configuration on the client side and it is working fine.
0
 

Author Comment

by:matfme
ID: 39240091
thanks a lot, I appreciate the help. :)
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question