Hi folks
We have a very strange phenomenon and maybe some of you guys can help me.
We had a perfect working Network Policy Server 2008 R2 environment. NPS was running on a Domain Controller (2K8R2)
authenticating requests from various sources (Cisco WLAN Controller, Cisco Switches, ...)
People connected to WLAN from Windows 7 computers, MAC Books Pro, iPhones, Android Devices , ...
Everything was working fine until we upgraded our Domain Controllers to Server 2012 (in-place upgrade)
The upgrades went smoothly and error free. Domain Controllers are stable and our domain works fine.
There is one exception: Our Network Policy Server which was upgraded to 2012 as well.
The configuration has been migrated and seems to be exactly the same as before.
The only difference is that Windows 7 clients (notebooks which are not member of the domain)
cannot authenticate anymore. On the Server side I see there is an event log entry (application) :
Source: EapHost
Message: Negotiation failed. Requested EAP methods not available
- Creating the WLAN profile manually doesn't help.
- Windows 7 asks for username/password (this is what we use. no computer/user certificates).
- CA certificate is installed on these computers
The strange thing is that users with Mac Books, iPhones, Android Mobiles have no problem authenticating.
Only when they try connecting to WLAN on Windows 7 it fails.
- The NPS Policies have not changed.
- The same Windows 7 notebooks can successfully connect to other WLANs without a problem.
So it seems not to be a client problem.
Why should the NPS server not know the EAP methods when other devices (iPhone, ANdroid, Mac Book) successfully can connect ?
Request from Samsung Galaxy S3
"IKAWA","IAS",06/14/2013,10:00:54,1,"myuser","mydomain.local/Prod/INS/Users/Lastname, Firstname","00-08-30-00-b9-00:ins","5c-0a-5b-38-2e-60",,,"wlc","a.b.c.88",1,9,"a.b.c.88","wlc",,,19,,,2,11,"WLAN
Access",0,"311 1 152.96.120.201 06/14/2013 04:13:00 4087",,,,"Microsoft: Secured password (EAP-MSCHAP v2)",,,,,,,,,,,,,,13,6,,,,"122",,,,,,,,,,,"WLAN Access",1,,,,
"IKAWA","IAS",06/14/2013,10:00:54,2,,"mydomain.local/Prod/INS/Users/Lastname, Firstname",,,,,,,,9,"a.b.c.88","wlc",,,,,,,11,"WLAN Access",0,"311 1 152.96.120.201 06/14/2013 04:13:00
4087",,,,"Microsoft: Secured password (EAP-MSCHAP v2)",,,,,,,,,,,,,,13,6,,,,"122",,,,,,,,"0x01494E534C4F43414C",,,"WLAN Access",1,,,,
Request from Windows 7 Notebook
"IKAWA","IAS",06/14/2013,10:05:17,1,"myuser","MYDOMAIN\MyUser","00-08-30-00-b9-00:ins","8c-70-5a-cd-05-e8",,,"wlc","a.b.c.88",1,9,"a.b.c.88","wlc",,,19,,,2,5,,0,"311
1 152.96.120.201 06/14/2013 04:13:00 4161",,,,"",,,,,,,,,,,,,,13,6,,,,"122",,,,,,,,,,,"WLAN Access",1,,,,
"IKAWA","IAS",06/14/2013,10:05:17,3,,"MYDOMAIN\MyUser",,,,,,,,9,"a.b.c.88","wlc",,,,,,,5,,22,"311 1 152.96.120.201 06/14/2013 04:13:00 4161",,,,"",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"WLAN
Access",1,,,,
This is so strange.
If anybody could help it would be great.
Regards,
Oliver