Hi Folks I am having some problems setting up RADIUS authentication for Wireless clients. We have a staff wireless here using WPA2 Enterprise security to allow access to any users that have a domain account. The connection settings are rolled out via Group Policy. We have set up NPS on the domain controller and are trying to use PEAP-MSCHAPv2 as the auth method. The RADIUS server is registered in Active Directory and is able to validate users, but the process fails at the EAP stage. I have enabled tracing on the server and the logs from various files are below. We have tried many different combinations of authentication methods and the error is always the same. Currently the policy conditions are as follows; NAS Port Type - Wireless - IEEE 802.11 Allowed EAP Types - PEAP OR SmartCard/Certificate Authentication Types - PEAP Any help/support you can provide would be greatly appreciated! Regards Jon IASNAP [5384] 07-13 12:41:54:860: The request comes from NAS type 0 [5384] 07-13 12:41:54:860: Applying CRP policy:Use Windows authentication for all users [5384] 07-13 12:41:54:860: The request comes from NAS type 0 [5384] 07-13 12:41:54:860: Response type is 2, so disable Quarantine State [5384] 07-13 12:41:54:860: WARNING: No SHV Session Handle [5384] 07-13 12:41:54:860: The request is given quarantine state 3 IASRAD [5384] 07-13 12:41:54:860: Receive RADIUS packet with size 195 from ::ffff:192.168.0.230 [5384] 07-13 12:41:54:860: message authenticator Attribute added to out-bound RADIUS packet [5384] 07-13 12:41:54:860: Message Authenticator Attribute set in out UDP buffer IASSAM [5384] 07-13 12:41:54:860: NT-SAM Names handler received request with user identity CCLCHC\vpadayachee. [5384] 07-13 12:41:54:860: Username is already an NT4 account name. [5384] 07-13 12:41:54:860: SAM-Account-Name is "CCLCHC\vpadayachee". [5384] 07-13 12:41:54:860: Successfully created new RAP Based EAP session for user CCLCHC\vpadayachee. [5384] 07-13 12:41:54:860: No AUTHENTICATION extensions, continuing [5384] 07-13 12:41:54:860: NT-SAM Authentication handler received request for CCLCHC\vpadayachee. [5384] 07-13 12:41:54:860: Validating windows user account CCLCHC\vpadayachee [5384] 07-13 12:41:54:860: Sending LDAP search to CHDC3.int.chc.concepts.co.nz. [5384] 07-13 12:41:54:860: Successfully validated windows account CCLCHC\vpadayachee. [5384] 07-13 12:41:54:860: No AUTHORIZATION extensions, continuing [5384] 07-13 12:41:54:860: Added EAP Failure packet

Hi, You can refer to this KB No response to 802.1X authentication requests after authentication fails on a computer that is running Windows 7 or Windows Server 2008 R2 to check whether it helps. In addition, I suggest you post this issue in Windows Server forum for further discussion. The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding. Regards Vincent Wang TechNet Community Support

Hi, You can refer to this KB No response to 802.1X authentication requests after authentication fails on a computer that is running Windows 7 or Windows Server 2008 R2 to check whether it helps. In addition, I suggest you post this issue in Windows Server forum for further discussion. The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding. Regards Vincent Wang TechNet Community Support