Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

IAS Reason-Code = 49

Wi-Fi, Mobile phone.

IAS Reason-Code = 49

Postby chicagotech » Thu Sep 27, 2007 10:55 pm

In this case you dont have your CRP configured properly. This is the error
message:
"The connection attempt did not match any connection request policy."
Look at your CRPs and make sure that the request matches atleast one of
them.

Thanks, Manju
--
++++++++++++++++++++++++++++++++++++++++
+++++++
This posting is provided "AS IS" with no warranties, and confers no rights


"JB" <jjmtb> wrote in message
news:%23m5WHXCTFHA.2812@TK2MSFTNGP09.phx.gbl...
> IAS is installed on a DC and has permissions for AD. This server is also
> a CA. I am using a Linksys WRT54GS router and using RADIUS authentication
> on it. I have the client set up in IAS and have the policy set up. When
> a client tries to connect (yes, they have permissions in Dial Up access
> though AD), this is returned in the event log:
>
> Event Type: Warning
> Event Source: IAS
> Event Category: None
> Event ID: 2
> Date: 4/28/2005
> Time: 12:01:51 PM
> User: N/A
> Computer: COMPUTERNAME
> Description:
> User MyDomain\test was denied access.
> Fully-Qualified-User-Name = <undetermined>
> NAS-IP-Address = 192.168.1.2
> NAS-Identifier = 001310199dbd
> Called-Station-Identifier = 001310199dbd
> Calling-Station-Identifier = 00121785af8f
> Client-Friendly-Name = MyWirelessName
> Client-IP-Address = 192.168.1.2
> NAS-Port-Type = Wireless - IEEE 802.11
> NAS-Port = 37
> Proxy-Policy-Name = <none>
> Authentication-Provider = <undetermined>
> Authentication-Server = <undetermined>
> Policy-Name = <undetermined>
> Authentication-Type = <undetermined>
> EAP-Type = <undetermined>
> Reason-Code = 49
> Reason = The connection attempt did not match any connection request
> policy.
>
>
> Any suggestions????
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 6795
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA

Postby chicagotech » Thu Sep 27, 2007 10:57 pm

That was exactly the problem! I very much appreciate the help - I was
getting frustrated and had even installed and uninstalled IAS (which didn't
restore the default CRP).

It works perfectly now! Thank you VERY much!

In this case, I think you might have deleted the default CRP policy which
existed when you created the policy and so IAS keeps insisiting that the
default should work. This is a known issue with the IAS UI. You have 2
options:

1) Create a policy using the wizard (but choose some other option other than
what you chose earlier) so that it creates a policy and then edit the policy
to suit your requirements.
It may be easiest to choose "custom policy" and then use the following:
policy conditions: use date/time and 24/7
profile: accept defaults
2) Restore c:\windows\system32\ias.mdb from your installation disks so you
get the default policies and then edit them as you need.

The first way is preferred since you will keep your exisiting configuration.
Let me know if it works after you configure it as described..
Thanks, Manju

++++++++++++++++++++++++++++++++++++++++
+++++++
This posting is provided "AS IS" with no warranties, and confers no rights


"JB" <jjmtb> wrote in message
news:uQUNHlDTFHA.2548@TK2MSFTNGP14.phx.gbl...
>I REALLY appreciate the help.
>
> That's what I thought... however...
>
> In the "Connection Request Policies" there are no items. So I right click
> to create a new one, and the first screen says:
>
> "If users connect to this server through a VPN or by dialing directly, do
> not create a policy. The IAS default policy is set up to accomodate this
> scenario."
>
> I figured that my connection was covered under this - but I suppose not.
> So I went through and set one up and chose "Authenticate connection
> requests on this server" and "Users dial directly into this server or
> connect through a VPN". My only other option was "Authenticate connection
> requests on this server" and "Users connect through this server through an
> ISP" - which isn't the case. ANyway, when I choose the previous setting,
> it doesn't create anything in the COnnection Request Policies: it's still
> empty.
>
> Am I missing something?
>
> Thanks!
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 6795
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA


Return to Wireless

Your Ad Here

Who is online

Users browsing this forum: No registered users and 0 guests