I'm trying to control the access of my LAN by authenticate user with EAP / MSIAS + AD.
The IAS denied the access with error 112: The remote RADIUS server did not process the authentication request.
I setup the IAS policy to answer with vendor specific 64:"VLAN", 65:802, 81:10
Is somebody already acheive to use MS-IAS Radius authentication with a Cisco switch 2960
Mon Jun 28 12:22:49 2010: <191>4105: Jun 28 12:22:49.122 UTC+1: RADIUS(00000098): Send Access-Request to 10.221.136.14:1645 id 1645/56, len 211
Mon Jun 28 12:22:49 2010: <191>4106: Jun 28 12:22:49.122 UTC+1: RADIUS: authenticator 91 EC 87 87 89 0E AF 79 - 76 CE 5A 61 ED 1A D7 AC
Mon Jun 28 12:22:49 2010: <191>4107: Jun 28 12:22:49.122 UTC+1: RADIUS: User-Name [1] 17 "EUROPE\ParisAdm"
Mon Jun 28 12:22:49 2010: <191>4108: Jun 28 12:22:49.122 UTC+1: RADIUS: Service-Type [6] 6 Framed [2]
Mon Jun 28 12:22:49 2010: <191>4109: Jun 28 12:22:49.122 UTC+1: RADIUS: Framed-MTU [12] 6 1500
Mon Jun 28 12:22:49 2010: <191>4110: Jun 28 12:22:49.122 UTC+1: RADIUS: Called-Station-Id [30] 19 "00-24-51-55-47-84"
Mon Jun 28 12:22:49 2010: <191>4111: Jun 28 12:22:49.122 UTC+1: RADIUS: Calling-Station-Id [31] 19 "00-14-22-BF-46-40"
Mon Jun 28 12:22:49 2010: <191>4112: Jun 28 12:22:49.122 UTC+1: RADIUS: EAP-Message [79] 22
Mon Jun 28 12:22:49 2010: <191>4113: Jun 28 12:22:49.122 UTC+1: RADIUS: 02 02 00 14 01 45 55 52 4F 50 45 5C 50 61 72 69 73 41 64 6D [ EUROPE\ParisAdm]
Mon Jun 28 12:22:49 2010: <191>4114: Jun 28 12:22:49.122 UTC+1: RADIUS: Message-Authenticato[80] 18
Mon Jun 28 12:22:49 2010: <191>4115: Jun 28 12:22:49.122 UTC+1: RADIUS: 27 E9 35 4C C3 69 99 B0 1B D9 3A 08 84 C0 71 E4 [ '5Li:q]
Mon Jun 28 12:22:49 2010: <191>4116: Jun 28 12:22:49.122 UTC+1: RADIUS: Vendor, Cisco [26] 49
Mon Jun 28 12:22:49 2010: <191>4117: Jun 28 12:22:49.122 UTC+1: RADIUS: Cisco AVpair [1] 43 "audit-session-id=C0A8FE030000006B13A4833C"
Mon Jun 28 12:22:49 2010: <191>4118: Jun 28 12:22:49.122 UTC+1: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Mon Jun 28 12:22:49 2010: <191>4119: Jun 28 12:22:49.122 UTC+1: RADIUS: NAS-Port [5] 6 50004
Mon Jun 28 12:22:49 2010: <191>4120: Jun 28 12:22:49.122 UTC+1: RADIUS: NAS-Port-Id [87] 17 "FastEthernet0/4"
Mon Jun 28 12:22:49 2010: <191>4121: Jun 28 12:22:49.122 UTC+1: RADIUS: NAS-IP-Address [4] 6 192.168.254.3
Mon Jun 28 12:22:50 2010: <191>4122: Jun 28 12:22:49.206 UTC+1: RADIUS: Received from id 1645/56 10.221.136.14:1645, Access-Reject, len 20
Mon Jun 28 12:22:50 2010: <191>4123: Jun 28 12:22:49.206 UTC+1: RADIUS: authenticator CC 28 1A 22 28 32 F2 27 - 79 1F 2B 01 32 C5 AD BC
Mon Jun 28 12:22:50 2010: <191>4124: Jun 28 12:22:49.206 UTC+1: RADIUS(00000098): Received from id 1645/56
Mon Jun 28 12:22:52 2010: <187>4125: Jun 28 12:22:50.842 UTC+1: %LINK-3-UPDOWN: Interface FastEthernet0/4, changed state to up
Thx for your help
Pascal