Hi,
We use a combination of Ruckus and Network Policy Server running on 2008R2 to provide 802.1x authentication to our wireless network.
For the past year, it has given us very few problems but now, nobody can connect. Always get the same "The RADIUS request did not match any configured connection request policy"
We have very little in the way of network policies and connection request policies. Literally the only requirements are that they have wireless ability, are member of the Domain Computers group and use Windows authentication.
The computers are logging on to the domain fine therefore it should be passing their AD credentials, they obviously have wireless and they are members of the Domain Computers group. The certificate hasn't expired.
I have tried disabling all the policies and it still doesn't work. I have tried rebooting the NPS and the Ruckus box.
Does anyone have any idea what is wrong? - here is the full log file :
We use a combination of Ruckus and Network Policy Server running on 2008R2 to provide 802.1x authentication to our wireless network.
For the past year, it has given us very few problems but now, nobody can connect. Always get the same "The RADIUS request did not match any configured connection request policy"
We have very little in the way of network policies and connection request policies. Literally the only requirements are that they have wireless ability, are member of the Domain Computers group and use Windows authentication.
The computers are logging on to the domain fine therefore it should be passing their AD credentials, they obviously have wireless and they are members of the Domain Computers group. The certificate hasn't expired.
I have tried disabling all the policies and it still doesn't work. I have tried rebooting the NPS and the Ruckus box.
Does anyone have any idea what is wrong? - here is the full log file :
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 21/08/2013 11:26:55
Event ID: 6273
Task Category: Network Policy Server
Level: Information
Keywords: Audit Failure
User: N/A
Computer: nwhserver9.nwhs.local
Description:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: NWHS\administrator
Account Domain: -
Fully Qualified Account Name: -
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 54-3D-37-A0-75-18:nwhsatrium
Calling Station Identifier: F0-7B-CB-95-0B-E6
NAS:
NAS IPv4 Address: 10.103.20.13
NAS IPv6 Address: -
NAS Identifier: 54-3D-37-A0-75-18
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 10
RADIUS Client:
Client Friendly Name: ZoneDirector
Client IP Address: 10.103.20.13
Authentication Details:
Connection Request Policy Name: -
Network Policy Name: -
Authentication Provider: -
Authentication Server: nwhserver9.nwhs.local
Authentication Type: -
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 49
Reason: The RADIUS request did not match any configured connection request policy (CRP).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>6273</EventID>
<Version>1</Version>
<Level>0</Level>
<Task>12552</Task>
<Opcode>0</Opcode>
<Keywords>0x8010000000000000</Keywords>
<TimeCreated SystemTime="2013-08-21T10:26:55.354977200Z" />
<EventRecordID>3509381</EventRecordID>
<Correlation />
<Execution ProcessID="600" ThreadID="6168" />
<Channel>Security</Channel>
<Computer>nwhserver9.nwhs.local</Computer>
<Security />
</System>
<EventData>
<Data Name="SubjectUserSid">S-1-0-0</Data>
<Data Name="SubjectUserName">NWHS\administrator</Data>
<Data Name="SubjectDomainName">-</Data>
<Data Name="FullyQualifiedSubjectUserName">-</Data>
<Data Name="SubjectMachineSID">S-1-0-0</Data>
<Data Name="SubjectMachineName">-</Data>
<Data Name="FullyQualifiedSubjectMachineName">-</Data>
<Data Name="MachineInventory">-</Data>
<Data Name="CalledStationID">54-3D-37-A0-75-18:nwhsatrium</Data>
<Data Name="CallingStationID">F0-7B-CB-95-0B-E6</Data>
<Data Name="NASIPv4Address">10.103.20.13</Data>
<Data Name="NASIPv6Address">-</Data>
<Data Name="NASIdentifier">54-3D-37-A0-75-18</Data>
<Data Name="NASPortType">Wireless - IEEE 802.11</Data>
<Data Name="NASPort">10</Data>
<Data Name="ClientName">ZoneDirector</Data>
<Data Name="ClientIPAddress">10.103.20.13</Data>
<Data Name="ProxyPolicyName">-</Data>
<Data Name="NetworkPolicyName">-</Data>
<Data Name="AuthenticationProvider">-</Data>
<Data Name="AuthenticationServer">nwhserver9.nwhs.local</Data>
<Data Name="AuthenticationType">-</Data>
<Data Name="EAPType">-</Data>
<Data Name="AccountSessionIdentifier">-</Data>
<Data Name="ReasonCode">49</Data>
<Data Name="Reason">The RADIUS request did not match any configured connection request policy (CRP).</Data>
<Data Name="LoggingResult">Accounting information was written to the local log file.</Data>
</EventData>
</Event>
Source: Microsoft-Windows-Security-Auditing
Date: 21/08/2013 11:26:55
Event ID: 6273
Task Category: Network Policy Server
Level: Information
Keywords: Audit Failure
User: N/A
Computer: nwhserver9.nwhs.local
Description:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: NWHS\administrator
Account Domain: -
Fully Qualified Account Name: -
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 54-3D-37-A0-75-18:nwhsatrium
Calling Station Identifier: F0-7B-CB-95-0B-E6
NAS:
NAS IPv4 Address: 10.103.20.13
NAS IPv6 Address: -
NAS Identifier: 54-3D-37-A0-75-18
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 10
RADIUS Client:
Client Friendly Name: ZoneDirector
Client IP Address: 10.103.20.13
Authentication Details:
Connection Request Policy Name: -
Network Policy Name: -
Authentication Provider: -
Authentication Server: nwhserver9.nwhs.local
Authentication Type: -
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 49
Reason: The RADIUS request did not match any configured connection request policy (CRP).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>6273</EventID>
<Version>1</Version>
<Level>0</Level>
<Task>12552</Task>
<Opcode>0</Opcode>
<Keywords>0x8010000000000000</Keywords>
<TimeCreated SystemTime="2013-08-21T10:26:55.354977200Z" />
<EventRecordID>3509381</EventRecordID>
<Correlation />
<Execution ProcessID="600" ThreadID="6168" />
<Channel>Security</Channel>
<Computer>nwhserver9.nwhs.local</Computer>
<Security />
</System>
<EventData>
<Data Name="SubjectUserSid">S-1-0-0</Data>
<Data Name="SubjectUserName">NWHS\administrator</Data>
<Data Name="SubjectDomainName">-</Data>
<Data Name="FullyQualifiedSubjectUserName">-</Data>
<Data Name="SubjectMachineSID">S-1-0-0</Data>
<Data Name="SubjectMachineName">-</Data>
<Data Name="FullyQualifiedSubjectMachineName">-</Data>
<Data Name="MachineInventory">-</Data>
<Data Name="CalledStationID">54-3D-37-A0-75-18:nwhsatrium</Data>
<Data Name="CallingStationID">F0-7B-CB-95-0B-E6</Data>
<Data Name="NASIPv4Address">10.103.20.13</Data>
<Data Name="NASIPv6Address">-</Data>
<Data Name="NASIdentifier">54-3D-37-A0-75-18</Data>
<Data Name="NASPortType">Wireless - IEEE 802.11</Data>
<Data Name="NASPort">10</Data>
<Data Name="ClientName">ZoneDirector</Data>
<Data Name="ClientIPAddress">10.103.20.13</Data>
<Data Name="ProxyPolicyName">-</Data>
<Data Name="NetworkPolicyName">-</Data>
<Data Name="AuthenticationProvider">-</Data>
<Data Name="AuthenticationServer">nwhserver9.nwhs.local</Data>
<Data Name="AuthenticationType">-</Data>
<Data Name="EAPType">-</Data>
<Data Name="AccountSessionIdentifier">-</Data>
<Data Name="ReasonCode">49</Data>
<Data Name="Reason">The RADIUS request did not match any configured connection request policy (CRP).</Data>
<Data Name="LoggingResult">Accounting information was written to the local log file.</Data>
</EventData>
</Event>