We are using WLC4402 for our Aironet 1240AG access points. The clients are connecting to the access points and are authenticating to the RADIUS server. I am seeing the logs in Server 2008 but they are being rejected due to Network Policy on the NPS server.
Where do I see the Authentication Type on the WLC4400 or the 1240's? In order for the clients (authenticated via Active Directory user) I have to set the Authentication in the NPS Connection Request Policy to "Allow clients to connect without negotiating an authentication method".
I do not have a certificate on the server and my method options are MS-CHAP-v2, MS-CHAP, CHAP, PAP, SPAP, and allow without negotiating. This RADIUS server was moved from Server 2003 IAS to Server 2008 NPS and there were no issues in Server 2003 IAS. I have all authentication methods allowed and it still gives me the error below. Only when I check "Allow clients to connect without negotiating an authentication method" it allows the authentication to proceed.
Any insight is greatly appreciated. Thank you!
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
Called Station Identifier: 00-17-a2-87-54-00:SSIDNAME
Calling Station Identifier: 00-41-96-b6-e3-27
NAS IPv4 Address: 192.168.90.24
NAS IPv6 Address: -
NAS Identifier: WLCHOSTNAME
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 1
Client Friendly Name: AP Controller 2
Client IP Address: 192.168.90.24
Connection Request Policy Name: Use Windows authentication for all users
Network Policy Name: Wireless MAC Authentication Policy
Authentication Provider: Windows
Authentication Server: RADIUSSERVERHOSTNAME
Authentication Type: Unauthenticated
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 66
Reason: The user attempted to use an authentication method that is not enabled on the matching network policy.