Armitage318
asked on
Help troubleshooting Network Policy Server on 2019
Hi, I am trying to add a second NPS on my Active Directory domain. The only with is already working is very old (Windows 2008 Server...). The one that I am trying to add is Windows 2019.
Both servers are domain controllers.
I installed NPAS role, and I am pretty sure I replicated all settings about Clients, Connection Request Policies and so on, but it is not working: I created a test WiFi network that only relies to a Windows 2019 server, so I can use that wireless network to as troubleshooting test.
I configured logging in default path: C:\Windows\System32\LogFiles
but it is empty!
I also checked on Event Viewer but I have no event at all with ID 6272 and 6273.
Any suggestion?
Thank you!
Both servers are domain controllers.
I installed NPAS role, and I am pretty sure I replicated all settings about Clients, Connection Request Policies and so on, but it is not working: I created a test WiFi network that only relies to a Windows 2019 server, so I can use that wireless network to as troubleshooting test.
I configured logging in default path: C:\Windows\System32\LogFiles
but it is empty!
I also checked on Event Viewer but I have no event at all with ID 6272 and 6273.
Any suggestion?
Thank you!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Run a packet capture on the 2019 server and see if it is getting any RADIUS traffic.
ASKER
Hi Kevin, I do confirm that radius traffic is received on that server. There are no reply at all.
I also followed this tutorial:
https://community.arubanetworks.com/community-home/digestviewer/viewthread?MID=2957
to enable logging.. but c:\windows\system32\logfiles is still emply and it seems I have no events in Event Viewer
ASKER
I have made some progress ..
After this command:
now it seems that my NPS server is replying (with reject, but this is another issue!)
I read this link, too:
https://www.reddit.com/r/sysadmin/comments/e03jhu/nps_on_server_2019_firewall_and_service_sidtype/
so it seems this is a definely a firewall issue. Totally obscure (since in Windows Firewall the rules about 1812/1823 were ALREADY allowed!!!)
After this command:
sc sidtype IAS unrestricted
now it seems that my NPS server is replying (with reject, but this is another issue!)
I read this link, too:
https://www.reddit.com/r/sysadmin/comments/e03jhu/nps_on_server_2019_firewall_and_service_sidtype/
so it seems this is a definely a firewall issue. Totally obscure (since in Windows Firewall the rules about 1812/1823 were ALREADY allowed!!!)
ASKER
Furthermore, all devices (Access Points) are in same LAN segment of DCs.
Thank you!