Hi,
A Windows Server 2008 R2 with installed NPS Role responds with ICMP unreachabe to RADIUS requests from network devices. I attached a screenshot of network traffic dump from NetMon.
There is no records in Event Viewer -> Custom Roles -> Network Policy and Access Services.
The settings for NPS logging are ok:
C:\Users\andrei.moraru_admin>auditpol /get /subcategory:"Network Policy Server"System audit policy
Category/Subcategory Setting
Logon/Logoff
Network Policy Server Success and Failure C:\Users\amoraru_admin>netstat -an | findstr 1813
UDP 0.0.0.0:1813 *:*
UDP [::ffff:127.0.0.1]:1813 *:*
C:\Users\amoraru_admin>netstat -an | findstr 1645
UDP 0.0.0.0:1645 *:*
UDP [::ffff:127.0.0.1]:1645 *:*
C:\Users\amoraru_admin>netstat -an | findstr 1812
UDP 0.0.0.0:1812 *:*
UDP [::ffff:127.0.0.1]:1812 *:*
I have enabled logging to NPS files according to http://technet.microsoft.com/en-us/library/dd348461(v=ws.10).aspx
C:\Users\andrei.moraru_admin>netsh ras set tracing * enabled
In C:\Windows\tracing appeared many files for NPS logs, including IASSAM.LOG and IASRAD.LOG
When I open both files in text editor, i see some strange string:
㑛㠱崴〠ⴴ㌰ㄠ㨲㐰ㄺ㨲㐴㨰䌠湯楦畧楲杮爠浥瑯敳癲牥朠潲灵䄠汬挠畯瑮
I need some special tool to read NPS logging files?
Thanks,
Andrei
Andrei Moraru Endava