Migrate from IAS to NPS for use with Cisco WLC
Hi,
I have attempted to migrate a Windows 2003 based IAS setup to a Win2008r2 based NPS setup using MS's doc for exporting the DB from IAS and importing it into NPS on the newer server and it seems to work mostly. The VPN setup on the Cisco ASA works fine after being pointed to the new NPS install but clients on the Cisco 4400 WLC does not authenticate when that is set to use the new NPS radius setup. Obviously I missed a step or two.
I cannot find much documentation on deciphering the logs from NPS, but it seems that I am not getting to the "Secured password" sequence that I see in teh IAS log.
Has anyone done this and could give some advice? Or even a little help with what the logs are telling me about what happened when I switched the WLC over to the new radius setup? Thanks.
I have attempted to migrate a Windows 2003 based IAS setup to a Win2008r2 based NPS setup using MS's doc for exporting the DB from IAS and importing it into NPS on the newer server and it seems to work mostly. The VPN setup on the Cisco ASA works fine after being pointed to the new NPS install but clients on the Cisco 4400 WLC does not authenticate when that is set to use the new NPS radius setup. Obviously I missed a step or two.
I cannot find much documentation on deciphering the logs from NPS, but it seems that I am not getting to the "Secured password" sequence that I see in teh IAS log.
Has anyone done this and could give some advice? Or even a little help with what the logs are telling me about what happened when I switched the WLC over to the new radius setup? Thanks.
Craig Beck
Assuming the NPS server has a different IP, have you added the new NPS server as a RADIUS server on the WLC?
ASKER
Yes. It is a different server on a different IP. So I added the IP to the Security section of the WLC under AAA > Radius > Authentication Servers, Then selected that server under the WLAN > Security > AAA Servers in place of the older IAS server.
Ok so can you see any errors in the WLC logs or in the custom NPS logs in event viewer?
ASKER
There is nothing in the NPS logs on the Win2008 server and it looks like I overwrote the logs on the WLC. So I'll have to wait until I can set it back up again and grab those logs.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Should be no firewall between the WLC and NPS server. And I found the logs from that day for the NPS box. It looks like things just stop talking if I compare that log to the one from the working IAS box. I will try to get a chance to test again this week. Thanks.