When do we get "Bad request from NAS" message type from ACS server in IAP deployment ?
In Cisco ACS server keeps seeing alert message "Bad request from NAS" message type.
Wireless clients >> IAP >> Radius Server.
When the shared secret passwords are NOT synchronized between the access point and the authentication server, this may trigger this message.
In customer environment they have two Radius server which is mapped with the same Ip address 10.175.8.18 but with different shared key and if the client trying to authenticate against the Radius server with in-correct shared key, the error message is triggered on the ACS server.
Example: There are 2 Radius servers with same IP address and with mis-match shared key shown below:
wlan auth-server RADIUS-FELTACS0003
ip 10.175.8.18 <================
wlan auth-server RADIUS-HOUNCPP0002
ip 10.175.8.18 <==============
By configuring the similar shared key on both the radius servers which matches the IAP shared key, the issue is been resolved.