2 Replies Latest reply on Jul 1, 2013 8:41 AM by obsidianlock

    RADIUS authentication granting access but wireless connection fails

    obsidianlock New Member

      I have RADIUS set up following the document on this site. The NPS logs on the Windows 2008 R2 Standard show granted full access but the wireless connection fails to connect. I have a server certificate but I am not doing mutual authentication. I have added the user and the computer to the NPS network connection policy. Any suggestions?

        • Re: RADIUS authentication granting access but wireless connection fails
          daniel.blackmon Employee

          obsidianlock

           

          Would you mind providing the following information in order to help us provide better assistance?

          • Platform (BSC/vWLAN)
          • Version (6.5.1.03/2.1.0.14/2.2.1.20)
          • Patch (BluePatch Release One/vPatch-2-2-1-2-0-2)
          • AP Firmware (6.5.4-10/6.5.4-11/6.6.0-30)

           

          You will want to make sure you are up to date on the latest firmware and patches if needed. Assuming you are using vWLAN (based on the tags), you will want to run either 2.1.0.14 or 2.2.1.20 with vPatch-2-2-1-20. AP firmware for these installations are 6.5.4-11 and 6.6.0-30 respectively.

           

          Watch the Active Users status screen as your client is trying to connect. Here you can see if the client is actually associating with the AP or if RADIUS is failing. If your client never associates, they will likely not show up in the Active Users table. If that is the case, you may want to capture wired traffic on the AP. This will allow you to see what the AP receives from the RADIUS server.

           

          If the client is listed on the Active Users screen, check the role and IP address. If the client is in the correct role, but does not have an IP address, make sure the role allows UDP port 67 outbound and 68 inbound. You could also allow both ports both ways. If the role is wrong, check the RADIUS server configuration on vWLAN. Make sure the role is correct on the server and the Auth Type is displayed correctly.

            • Re: RADIUS authentication granting access but wireless connection fails
              obsidianlock New Member

              Platform=vWLAN

              Version=2.2.1.20

              Patch=2-2-1-2-0-2

              AP FW= 6.6.0-30

               

              I called support after trying every configuration tweak I could, thinking I missed something. It turns out there a is a bug where if you create the SSID and have it up and operating then try to add in RADIUS authentication it will not connect. Support had me Phone Home to Adtran Support (Administration, Diagnostic, Phone Home) and the AdTran support restarted one of the web services and everything worked immediately after that. He said it was kind of a rare bug and they were still trying to figure out exactly what triggers it so that they could roll it into the next patch. I guess I should have followed the old standard of restarting before raising my hand for help.