Wireless Access

Hi All,

    I have a customer who has a setup which has stopped authenticating windows laptops. I can't determine what if anything has changed on the network but I guess something must have. From the client point of view I see the EAP-Request then the EAP-response from the controller. When running a packet capture (controlpath) on the controller I see RADIUS packets being formed but no response from the RADIUS server. I can't determine at the moment whether the RADIUS packets are leaving the controller port. Running the aaa test-server command proves that server is reachable and shared secret is configured correctly. The 3400 controller is configured with a loopback address and it is running 6.3.1.8.

The RADIUS server is configured with an IP not a hostname.

Any Ideas?

What is providing the Radius functionality?

MS NPS server is the RADIUS server.

Start with the NPs server to see if there are any logs from the EAP traffic. Since the controller AAA test works (which uses PAP, not an EAP protocol), it could be that the allowed authentication methods have changed.

Hi Thanks, Ive done that but I'm told there are no events on the NPS server. The same machines are authenticing in another building on a Ruckus wireless network pointing to the same RADIUS server. So I've backtracked to the controller end to try and TS there.

Has this ever worked before?

Does the NPS work for other authentications like user authentication (PEAP)? Or are you only using machine auth?

My point being check if the Radius Server cert is still valid, I know a few times this have expired and caused havoc.