I think this has something to do with Server's type certificate which doesn't bound properly to MS IAS EAP settings. You may want to re-check if any missing checkbox related to Server's certificate.
On Tue, Jun 14, 2011 at 3:53 PM, Edward Iong <edward_io...@hotmail.com> wrote: > Hi there, > > I have checked the cert is not expired > > > > > >> CC: cisco-nsp@puck.nether.net >> From: engel.lab...@gmail.com >> Subject: Re: [c-nsp] Wireless 802.1x authentication failures >> Date: Tue, 14 Jun 2011 15:22:14 +0900 >> To: edward_io...@hotmail.com >> >> You may want to eliminate several issues contributing to this problem. One >> thing to check is the expiration date of the certificate issued for MS ISA. >> >> HTH >> >> Sent from my iPhone >> >> On 2011/06/14, at 15:13, Edward Iong <edward_io...@hotmail.com> wrote: >> >> > >> > Dear All, >> > >> > We are using windows certificates for authenticate domain computers to >> > connect wireless network. >> > >> > In previous, it is working. Everyone can access wireless network. But >> > now no one can get access, we found in the MS ISA event Log, it has a >> > warning message as below >> > >> > >> > Event Type: Warning >> > Event Source: IAS >> > Event Category: None >> > Event ID: 2 >> > Date: 6/14/2011 >> > Time: 1:16:37 PM >> > User: N/A >> > Computer: EDC-HKNT135 >> > Description: >> > User host/BDNB00011.bd.ABC.com was denied access. >> > Fully-Qualified-User-Name = ABC\BDNB00011$ >> > NAS-IP-Address = 10.XXX.XXX.51 >> > NAS-Identifier = BDWLC1 >> > Called-Station-Identifier = :xxx >> > Calling-Station-Identifier = >> > Client-Friendly-Name = BDWLC1 >> > Client-IP-Address = 10.XXX.XXX.51 >> > NAS-Port-Type = Wireless - IEEE 802.11 >> > NAS-Port = 1 >> > Proxy-Policy-Name = Use Windows authentication for all users >> > Authentication-Provider = Windows >> > Authentication-Server = <undetermined> >> > Policy-Name = <undetermined> >> > Authentication-Type = EAP >> > EAP-Type = <undetermined> >> > Reason-Code = 48 >> > Reason = The connection attempt did not match any remote access policy. >> > For more information, see Help and Support Center at >> > http://go.microsoft.com/fwlink/events.asp. >> > Data: >> > 0000: 00 00 00 00 .... >> > >> > Could anyone have any clues? or any suggestion for me to find out the >> > issue come from? >> > >> > >> > Thanks and Regards, >> > >> > >> > Edward >> > >> > >> > >> > >> > _______________________________________________ >> > cisco-nsp mailing list cisco-nsp@puck.nether.net >> > https://puck.nether.net/mailman/listinfo/cisco-nsp >> > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/