Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

IAS Event ID 2 with reason-code = 262

Cisco Router, Firewall, VPN, SDM, ASA and Switch

IAS Event ID 2 with reason-code = 262

Postby guest » Mon Mar 03, 2008 3:08 pm

Server: Windows Server 2003 x64 SP1 or R2
Client: Windows XP Pro SP2
From time to time some of my XP SP2 clients fail to authenticate with IAS
and thus end up working without WLAN. This is what I get in System log:

Event Type: Warning
Event Source: IAS
Event Category: None
Event ID: 2
Date: 2007.02.09
Time: 13:49:46
User: N/A
Computer: server
Description:
User host/pc1.firm.com was denied access.
Fully-Qualified-User-Name = firm.com/computers/pc1
NAS-IP-Address = 10.19.247.234
NAS-Identifier = FIRM
Called-Station-Identifier = 00-18-FE-D0-B0-39
Calling-Station-Identifier = 00-90-4B-B9-D3-A8
Client-Friendly-Name = FIRM
Client-IP-Address = 10.19.247.234
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = 0
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = WLAN
Authentication-Type = PEAP
EAP-Type = <undetermined>
Reason-Code = 262
Reason = The supplied message is incomplete. The signature was not
verified.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 18 03 09 80 ...€

Hello,

Thank you for posting in the Microsoft newsgroup!

From your post, my understanding on this issue is: you have clients that
failed to authenticate with IAS. If I'm off base, please feel free to let
me know.

The error code and the symptom of the issue match the description in the
following KB, please try to fix it with the steps mentioned in it:
802.1x client authentication fails when you connect to a Windows Server
2003-based computer that is running IAS

Method 1: Disable certificate validation on the client computer
To do this, follow these steps:

1. Click Start, and then click Control Panel.
2. Double-click Network Connections.
3. Right-click the connection that you use to connect to the Windows Server 2003-based computer, and then click Properties.
4. On the Authentication tab, click Properties.
5. Click to clear the Validate server certificate check box.

Back to the top
Method 2: Install the trusted root certification authority on the client computer

1. Start Microsoft Internet Explorer.
2. In the Address box, type the following address:
http://ServerName/certsrv
Note Replace ServerName with the name of the server where the certification authority (CA) is stored.
3. Click Download a CA certificate, certificate chain, or CRL.
4. Under CA Certificate, click the CA that you want to install, and then click Download CA Certificate.
5. On the File Download page, click Open.
6. Click Install certificate.
7. Click Next.
8. Click Automatically select the certificate store based on the type of certificate, and then click Next.
9. Click Finish.
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 10191
Joined: Mon Nov 27, 2006 1:10 pm

Re: IAS Event ID 2 with reason-code = 262

Postby chicagotech » Wed Sep 22, 2010 9:53 pm

We had a similar case. We found the problem is the Certificate for the enterprise wireless is expired. Renewing the Certificate fixes the problem
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 6994
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA

Re: IAS Event ID 2 with reason-code = 262

Postby chicagotech » Thu Feb 03, 2011 11:51 am

In other case, we fixed it by disabling certificate. Please refer to this post: Enterprise Wireless doesn't work after change Certifcate -
viewtopic.php?f=7&t=14123
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
chicagotech
Site Admin
 
Posts: 6994
Joined: Mon Nov 27, 2006 1:24 pm
Location: Chicago USA


Return to Cisco

Your Ad Here

Who is online

Users browsing this forum: No registered users and 0 guests