We have 10 Cisco 1200 wireless APs. The VLAN 1 use Windows certificate as authentication and VLAN 100 for the public. They work fine. We just bought two 1310 wireless bridges for outdoor use. We contact Cisco support for setup these two bridges. The wireless can receive the signal but can't logon. The IP is 169.254.x.x. The Certificate server receive Event ID 2 as below. The Cisco engineer can't make it work and he said the setup Windows IAS is not his expertise. Any suggestions how can we fix this issue?
Event Type: Warning
Event Source: IAS
Event Category: None
Event ID: 2
Time: 7:41:21 PM
User blin was denied access.
Fully-Qualified-User-Name = chicagotech.net/Users/Bob Lin
NAS-IP-Address = 10.0.20.54
NAS-Identifier = Outdoor_1300_2
Called-Station-Identifier = <not present>
Calling-Station-Identifier = <not present>
Client-Friendly-Name = Root Bridge1
Client-IP-Address = 10.0.20.54
NAS-Port-Type = Async
NAS-Port = <not present>
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = All
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 66
Reason = The user attempted to use an authentication method that is not enabled on the matching remote access policy.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0000: 00 00 00 00 ....