Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

WAP Enterprise doesn’t work with Event ID: 6273

Wi-Fi, Mobile phone.

WAP Enterprise doesn’t work with Event ID: 6273

Postby guest » Sun Dec 18, 2011 12:26 am

After we upgraded our IAS in Windows 2003 to NPS in Windows 2008 R2, we have some wireless issues. For example, the user setup can use WAP Enterprise on the Cisco AP IP 10.0.30.66, but not blin. However, setup get access denied when access AP IP 10.0.30.60 while some user can use thr wireless in IP 10.0.30.60.

I don’t think it is credentials issue and I am sure we enter correct password. All test users are domain users or domain admins. These two group have been added to the network policy. I think it has something to do with NPS configuration, i don't understand why it does work in some AP or some users.

Here are the different logs to compare.

Log Name: Security

Source: Microsoft-Windows-Security-Auditing

Event ID: 6273

Task Category: Network Policy Server

Level: Information

Keywords: Audit Failure

User: N/A

Computer: VMM.

Description:

Network Policy Server denied access to a user.

Contact the Network Policy Server administrator for more information.

User:

Security ID: DOMAIN\blin

Account Name: DOMAIN\BLin

Account Domain: DOMAIN

Fully Qualified Account Name: DOMAIN\BLin



Client Machine:

Security ID: NULL SID

Account Name: -

Fully Qualified Account Name: -

OS-Version: -

Called Station Identifier: 001e.4a26.ddf0

Calling Station Identifier: 001f.3b67.30a3



NAS:

NAS IPv4 Address: 10.0.30.66

NAS IPv6 Address: -

NAS Identifier: Admin-IP66

NAS Port-Type: Wireless - IEEE 802.11

NAS Port: 16939



RADIUS Client:

Client Friendly Name: Admin-Base-IP66

Client IP Address: 10.0.30.66



Authentication Details:

Connection Request Policy Name: Secure Wireless Connections

Network Policy Name: Secure Wireless Connections

Authentication Provider: Windows

Authentication Server: VMM.

Authentication Type: PEAP

EAP Type: -

Account Session Identifier: -

Logging Results: Accounting information was written to the local log file.

Reason Code: 16

Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.





Log Name: Security

Source: Microsoft-Windows-Security-Auditing

Event ID: 6278

Task Category: Network Policy Server

Level: Information

Keywords: Audit Success

Computer: VMM.

Description:

Network Policy Server granted full access to a user because the host met the defined health policy.

User:

Security ID: DOMAIN\setup

Account Name: setup

Account Domain: DOMAIN

Fully Qualified Account Name: DOMAIN\setup



Client Machine:

Security ID: NULL SID

Account Name: -

Fully Qualified Account Name: -

OS-Version: -

Called Station Identifier: 001e.4a26.ddf0

Calling Station Identifier: 109a.ddba.af8d



NAS:

NAS IPv4 Address: 10.0.30.66

NAS IPv6 Address: -

NAS Identifier: Admin-IP66

NAS Port-Type: Wireless - IEEE 802.11

NAS Port: 16933



RADIUS Client:

Client Friendly Name: Admin-Base-IP66

Client IP Address: 10.0.30.66



Authentication Details:

Connection Request Policy Name: Secure Wireless Connections

Network Policy Name: Secure Wireless Connections

Authentication Provider: Windows

Authentication Server: VMM.

Authentication Type: PEAP

EAP Type: Microsoft: Secured password (EAP-MSCHAP v2)

Account Session Identifier: -



Quarantine Information:

Result: Full Access

Extended-Result: -

Session Identifier: -

Log Name: Security

Source: Microsoft-Windows-Security-Auditing

Event ID: 6273

Task Category: Network Policy Server

Level: Information

Keywords: Audit Failure

User: N/A

Computer: VMM.

Description:

Network Policy Server denied access to a user.

Contact the Network Policy Server administrator for more information.

User:

Security ID: DOMAIN\setup

Account Name: DOMAIN\setup

Account Domain: DOMAIN

Fully Qualified Account Name: DOMAIN\setup



Client Machine:

Security ID: NULL SID

Account Name: -

Fully Qualified Account Name: -

OS-Version: -

Called Station Identifier: 001e.f76f.51b0

Calling Station Identifier: cc52.af8e.5316



NAS:

NAS IPv4 Address: 10.0.30.60

NAS IPv6 Address: -

NAS Identifier: ADMIN_60_AP1231_F2

NAS Port-Type: Wireless - IEEE 802.11

NAS Port: 4695



RADIUS Client:

Client Friendly Name: Admin-F2-IP60

Client IP Address: 10.0.30.60



Authentication Details:

Connection Request Policy Name: Secure Wireless Connections

Network Policy Name: Secure Wireless Connections

Authentication Provider: Windows

Authentication Server: VMM.

Authentication Type: PEAP

EAP Type: -

Account Session Identifier: -

Logging Results: Accounting information was written to the local log file.

Reason Code: 16

Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.

Resolution: 1. This issue can occur if the server certificate does not have the Server Authentication usage, client ends the authentication process and alerts the server. Make sure you have installed the certificate correctly.

2. Or disable server certificate validation on the client.
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 10191
Joined: Mon Nov 27, 2006 1:10 pm

Return to Wireless

Your Ad Here

Who is online

Users browsing this forum: No registered users and 1 guest