Attempting to enable PEAP Authenication using NPS 2012.
Users are able to access networks successfully when using aruba provided certificate and termination enabled.
However, when attempting to switch the certificate over to 3rd party - digicert on NPS server we are unable to authenticate.
Any suggestions?
We are running IAP 225s with 6.3.1.4
Successful Attempt Termination Enabled
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 8/5/2014 1:53:36 PM
Event ID: 6272
Task Category: Network Policy Server
Level: Information
Keywords: Audit Success
User: N/A
Computer: server1.ewg.lan
Description:
Network Policy Server granted access to a user.
User:
Security ID: Domain\Test
Account Name:test
Account Domain: Domain
Fully Qualified Account Name:Domain\test
Client Machine:
Security ID:NULL SID
Account Name:-
Fully Qualified Account Name:-
OS-Version: -
Called Station Identifier:18:64:72:C7:A2:14
Calling Station Identifier:0C:60:76:24:98:4B
NAS:
NAS IPv4 Address:192.168.70.25
NAS IPv6 Address: -
NAS Identifier:-
NAS Port-Type:Wireless - IEEE 802.11
NAS Port:0
RADIUS Client:
Client Friendly Name: MT 70 VC
Client IP Address: 192.168.70.25
Authentication Details:
Connection Request Policy Name: Secure Wireless Connections - 802.1x
Network Policy Name: Secure Wireless Connections - WiFiStudent - Secure
Authentication Provider: Windows
Authentication Server: server1.domain.lan
Authentication Type: MS-CHAPv2
EAP Type:-
Account Session Identifier:-
Logging Results:Accounting information was written to the local log file.
Quarantine Information:
Result:Full Access
Session Identifier:-
Fail Attempt Termination Disabled
Audit Failure8/5/2014 2:02:50 PMMicrosoft Windows security auditing.6273Network Policy Server
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 8/5/2014 2:02:50 PM
Event ID: 6273
Task Category: Network Policy Server
Level: Information
Keywords: Audit Failure
User: N/A
Computer: Server1.domain.lan
Description:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: Domain\Test
Account Name: test
Fully Qualified Account Name: Domain\test
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name:-
OS-Version: -
Called Station Identifier:18:64:72:C7:A2:40
Calling Station Identifier:0C:60:76:24:98:4B
NAS:
NAS IPv4 Address:192.168.70.25
NAS IPv6 Address: -
NAS Identifier:192.168.70.36
NAS Port-Type: Wireless - IEEE 802.11
NAS Port:0
RADIUS Client:
Client Friendly Name: MT 70 VC
Client IP Address:192.168.70.25
Authentication Details:
Connection Request Policy Name: Secure Wireless Connections - 802.1x
Network Policy Name: Secure Wireless Connections - WiFiStudent - Secure
Authentication Provider: Windows
Authentication Server: Server1.domain.lan
Authentication Type: EAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 22
Reason: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.