The RADIUS request did not match any configured connection request policy (CRP)

rsingh001 · ‎08-06-2013

I setup NPS server and added a RADIUS Client access point, my project is to get a wireless user to authenticate using his/her AD credientials, my problem is i can't seem to authenticate my user

my NPS server is giving me this error log under Event Viewer > Server Logs > Network Policy and Access Services

Reason: The RADIUS request did not match any configured connection request policy (CRP).

but from my understanding i don't need to setup Connection Request Policies because i am using Network Policy

Please Help!

Abhishek Abhishek · ‎08-06-2013

Hello,

As per your query i can suggest you the following solution-

The default connection request policy is the only configured policy. In this example, NPS is configured as a RADIUS server and all connection requests are processed by the local NPS server. The NPS server can authenticate and authorize users whose accounts are in the domain of the NPS server domain and in trusted domains.

Hope this will help you.

rsingh001 · ‎08-09-2013

thanks for your reply, i setup a new NPS policy here is my error log

----------------------------------------------------------------------------------------------------------------------------------------

Network Policy Server denied access to a user.

Contact the Network Policy Server administrator for more information.

User:

Security ID: NULL SID

Account Name: csdomain\rsingh

Account Domain: csdomain

Fully Qualified Account Name: csdomain\rsingh

Client Machine:

Security ID: NULL SID

Account Name: -

Fully Qualified Account Name: -

OS-Version: -

Called Station Identifier: 0026.992f.6761

Calling Station Identifier: 2477.0392.b0f8

NAS:

NAS IPv4 Address: 192.50.2.2

NAS IPv6 Address: -

NAS Identifier: MYWAP

NAS Port-Type: Wireless - IEEE 802.11

NAS Port: 35290

RADIUS Client:

Client Friendly Name: MYWAP

Client IP Address: 192.50.2.2

Authentication Details:

Connection Request Policy Name: PEAP

Network Policy Name: -

Authentication Provider: Windows

Authentication Server: MYSERVER.csdomain.com

Authentication Type: EAP

EAP Type: -

Account Session Identifier: -

Logging Results: Accounting information was written to the local log file.

Reason Code: 22

Reason: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.

Scott Fella · ‎08-09-2013

It hitting your policy PEAP, but how is that setup?

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

rsingh001 · ‎08-09-2013

here are the snapshots of what my policy looks like

rsingh001 · ‎08-09-2013

also here is a look at my AP

Scott Fella · ‎08-09-2013

On your 3rd screenshot you should disable the last two checkbox and also click edit so I can see how you have that setup.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

rsingh001 · ‎08-09-2013

here you go...

Scott Fella · ‎08-09-2013

You need the first two checkbox enabled. You had the first 4. You have a certificate loaded on the radius server.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Scott Fella · ‎08-09-2013

What other options do you have besides EAP secure password.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

rsingh001 · ‎08-09-2013

i created a local certificate...

Scott Fella · ‎08-09-2013

Might just be the certificate your using then.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

rsingh001 · ‎08-09-2013

i also have a certificate that was issued by Godaddy however i got the same errors

Scott Fella · ‎08-09-2013

Make sure your client isn't validating a server cert. test with this and see if they connect. If they can't, it's got to be the cert.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***