We had a cert issued by a Public CA on one of our radius servers for a .local address, which are no longer valid after 10/31/2015. It expired, and i renewed with a .org as is now best practice. I cannot get users to authenticate anymore though. The configuration is identical to before the cert expired. What am I missing? New Cert is applied under the Connection request policy, service was restarted. Even restarted the server just in case.
-- ERROR --
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: user
Account Domain: MDS
Fully Qualified Account Name: MDS\user
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 24-C9-A1-CA-70-78:Wifi.Test
Calling Station Identifier: 58-3F-54-ED-EC-03
NAS:
NAS IPv4 Address: 10.10.200.6
NAS IPv6 Address: -
NAS Identifier: 24-C9-A1-CA-70-78
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 11
RADIUS Client:
Client Friendly Name: Zonedirector2.mds.local
Client IP Address: 10.10.200.6
Authentication Details:
Connection Request Policy Name: Secure Wireless Connections
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: Paul.mds.local
Authentication Type: EAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 22
Reason: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.
-- END ERROR --
When i look at an accepted request on our worknig server it has Authentication type as PEAP and has a Network policy name. Any ideas?