I have a Windows 2008 R2 Domain Controller that I installed NPS. I have configured it to accept RADIUS requests and I can get it to accept RADIUS requests from clients using PAP authentication but not CHAP. The Reason code is 19 which means that I need to check “store password using reversible encryption” in the AD user account I am using. I was able to duplicate the error in my test domain and if I do check reversible encryption for the user account, the authentication request using CHAP is successful. However, even after checking the reversible encryption in the production domain, CHAP authentication still fails with reason code 19.
Any ideas why this is happening? Besides the NPS log file, is there any of place I can look to troubleshoot the problem? I didn't see anything in the event logs.
Steve