Discussion:
A radius message with the code field
(too old to reply)
optonic
2008-05-27 11:03:00 UTC
Permalink
Almost every week the message below appears on the radius server.
Then no clients can logon to the wap's.
After reboot the radius server is working properly again.

A RADIUS message with the Code field set to 11, which is not valid, was
received on port 1812 from RADIUS client "WiressAccessPoint". Valid values of
the RADIUS Code field are documented in RFC 2865.

Any ideas or suggestions.
S. Pidgorny <MVP>
2008-05-28 10:35:43 UTC
Permalink
What is in the access point logs?
If you reboot the access point, does it fix the issue?
If you just restart IAS service, does it fix the issue?
Did you try to update the access point OS to the latest version?
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by optonic
Almost every week the message below appears on the radius server.
Then no clients can logon to the wap's.
After reboot the radius server is working properly again.
A RADIUS message with the Code field set to 11, which is not valid, was
received on port 1812 from RADIUS client "WiressAccessPoint". Valid values of
the RADIUS Code field are documented in RFC 2865.
Any ideas or suggestions.
optonic
2008-05-28 12:56:00 UTC
Permalink
Hi,

In the accesspoint log the following message
802.1X authentication failed (timeout)

reboot of accesspoint didn't help last time.
And a restart of IAS didn't fix it also.

There is one later update to the WAP, but that is just released and nothing
points to a fix for that kind of problem.
S. Pidgorny <MVP>
2008-05-30 09:34:01 UTC
Permalink
That doesn't make sense. IAS service is running but effectively not
fnctioning, and only reboot fixing that? Perhaps you need to get more log
entries and also analyse IAS logs.......
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by optonic
Hi,
In the accesspoint log the following message
802.1X authentication failed (timeout)
reboot of accesspoint didn't help last time.
And a restart of IAS didn't fix it also.
There is one later update to the WAP, but that is just released and nothing
points to a fix for that kind of problem.
optonic
2008-06-09 06:31:00 UTC
Permalink
Hi,

It just happened again. First I rebooted the accesspoint. no result.
After that I restarted the IAS Service. no result.
After that I restarted the server and it worked again.
I have checked the IAS log but nothing is in there.
Only in the event viewer I have the following.

A RADIUS message with the Code field set to 11, which is not valid, was
received on port 1812 from RADIUS client SMNL-A-Hal2. Valid values of the
RADIUS Code field are documented in RFC 2865.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Post by S. Pidgorny <MVP>
That doesn't make sense. IAS service is running but effectively not
fnctioning, and only reboot fixing that? Perhaps you need to get more log
entries and also analyse IAS logs.......
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by optonic
Hi,
In the accesspoint log the following message
802.1X authentication failed (timeout)
reboot of accesspoint didn't help last time.
And a restart of IAS didn't fix it also.
There is one later update to the WAP, but that is just released and nothing
points to a fix for that kind of problem.
optonic
2008-06-09 06:36:00 UTC
Permalink
I noticed that it happened after the following message in the event viewer.
It a information message.
"A LDAP connection with domain controller "domain controller"for domain SMNL
is established.

But that message is every 1 hour.
Post by S. Pidgorny <MVP>
That doesn't make sense. IAS service is running but effectively not
fnctioning, and only reboot fixing that? Perhaps you need to get more log
entries and also analyse IAS logs.......
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by optonic
Hi,
In the accesspoint log the following message
802.1X authentication failed (timeout)
reboot of accesspoint didn't help last time.
And a restart of IAS didn't fix it also.
There is one later update to the WAP, but that is just released and nothing
points to a fix for that kind of problem.
S. Pidgorny <MVP>
2008-06-10 10:48:37 UTC
Permalink
Still it's impossible to give you advice as to going forward (short of
upgrading to NPS eg ignoring the issue and using new product). Perhaps you
can open a case with MS PSS.
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by optonic
I noticed that it happened after the following message in the event viewer.
It a information message.
"A LDAP connection with domain controller "domain controller"for domain SMNL
is established.
But that message is every 1 hour.
Post by S. Pidgorny <MVP>
That doesn't make sense. IAS service is running but effectively not
fnctioning, and only reboot fixing that? Perhaps you need to get more log
entries and also analyse IAS logs.......
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by optonic
Hi,
In the accesspoint log the following message
802.1X authentication failed (timeout)
reboot of accesspoint didn't help last time.
And a restart of IAS didn't fix it also.
There is one later update to the WAP, but that is just released and nothing
points to a fix for that kind of problem.
optonic
2008-06-24 08:59:00 UTC
Permalink
Hi,

after updating all access points to the latest firmware the problem did not
return till yet.
I will keep my fingers crossed.

Thx for the support sofar
Post by S. Pidgorny <MVP>
Still it's impossible to give you advice as to going forward (short of
upgrading to NPS eg ignoring the issue and using new product). Perhaps you
can open a case with MS PSS.
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by optonic
I noticed that it happened after the following message in the event viewer.
It a information message.
"A LDAP connection with domain controller "domain controller"for domain SMNL
is established.
But that message is every 1 hour.
Post by S. Pidgorny <MVP>
That doesn't make sense. IAS service is running but effectively not
fnctioning, and only reboot fixing that? Perhaps you need to get more log
entries and also analyse IAS logs.......
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by optonic
Hi,
In the accesspoint log the following message
802.1X authentication failed (timeout)
reboot of accesspoint didn't help last time.
And a restart of IAS didn't fix it also.
There is one later update to the WAP, but that is just released and nothing
points to a fix for that kind of problem.
Loading...