and type you have configured in network policy.
password) you must deploy PEAP-TLS or EAP-TLS. With these auth
as proof of identity.
clients/users.
. Available for download in Word format at the Microsoft Download
. Available in HTML format in the Windows Server 2008 Technical
. Available for download in Word format at the Microsoft Download
. Available in HTML format in the Windows Server 2008 Technical
Post by Arch WillinghamOK...I now at least have them talking to each other (the access
points and the NPS server) and the NPS server is logging the
requests. Shown below is me trying to connect with my Ipaq.
10.1.2.10,ourdomain\auburn,07/01/2008,08:04:14,IAS,NPSSERVER,4,10.1
.2 .1
0,30,00131019722b,31,000278556e1d,32,00131019722b,5,38,12,1400,61,1
9, 41 08,10.1.2.10,4116,0,4128,Wireless 2,4154,Secure
Wireless,4155,1,4129,ourdomain\auburn,4130,ourdomain\auburn,25,311
1 fe80::412b:5577:366c:f668 06/30/2008 15:04:09
19,4127,5,4149,Secure Wireless,4136,1,4142,0
10.1.2.10,ourdomain\auburn,07/01/2008,08:04:14,IAS,NPSSERVER,25,311
1 fe80::412b:5577:366c:f668 06/30/2008 15:04:09
19,27,60,4108,10.1.2.10,4116,0,4128,Wireless 2,4154,Secure
Wireless,4155,1,4129,ourdomain\auburn,4130,ourdomain\auburn,4127,5,
41 49 ,Secure Wireless,4136,11,4142,0
10.1.2.10,ourdomain\auburn,07/01/2008,08:04:14,IAS,NPSSERVER,4,10.1
.2 .1
0,30,00131019722b,31,000278556e1d,32,00131019722b,5,38,12,1400,61,1
9, 41 08,10.1.2.10,4116,0,4128,Wireless 2,4154,Secure
Wireless,4155,1,4129,ourdomain\auburn,4130,ourdomain\auburn,4127,5,
41 49 ,Secure Wireless,25,311 1 fe80::412b:5577:366c:f668
06/30/2008 15:04:09 20,4132,,4136,1,4142,0
10.1.2.10,ourdomain\auburn,07/01/2008,08:04:14,IAS,NPSSERVER,25,311
1 fe80::412b:5577:366c:f668 06/30/2008 15:04:09
20,4132,,4108,10.1.2.10,4116,0,4128,Wireless 2,4154,Secure
Wireless,4155,1,4129,ourdomain\auburn,4130,ourdomain\auburn,4127,5,
41 49 ,Secure Wireless,4136,3,4142,22
Once it tries to connect, it pops up and asks me for my domain
password (like it did with ISA) and but then it comes back with
"Cannot log onto the wireless network. This network requires a
personal certificate to positively identify you.". That's the part
I am stuck on. With the old ISA walk through, you could tell how
to export out the wireless certificates for the clients. I can't
tell how or where you do that now.
Also, the point in the NPS setup where you tell it what
certificate to use (under Protected EAP properties > certificate
issued), it has a weird certificate name. Where did it get that
and why does it use it?
Thanks!
Arch
Post by James McIllece [MS]If that's the case, then NPS is not even receiving connection
requests. Ensure that the APs and NPS are both using the same
RADIUS ports, verify connectivity between NPS and the APs, and
ensure the RADIUS shared secrets are the same as configured on
each AP and in NPS RADIUS clients.
Post by Arch WillinghamNothing show up there nor in teh log files..no
entries...nothing.
Post by S. Pidgorny <MVP>System log entries?
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by Arch WillinghamSomehow I missed that IAS is now something new with Win2008
and its now called NPS. I had to rebuild teh server that runs
IAS and used Server 2008 to do so.
I ran through the wireless Wizard but the wirelsss clients
will not connect. I know there are a thousand possibilities
but where do I start with debugging?
Thanks!
Arch