Hi All,
I have been trying to setup my Windows 2008 R2 server with NPS with a Linksys E3000 router that is running TomatoUSB firmware and I can get clients such as WinXP, iPhone, Android and MAC to connect to the Linksys E3000 router without issue but I am having difficulty getting Windows 7 SP1 client to connect.
This is my RADIUS client setting:
Friendly Name: Radius Server
Address: 10.25.1.229
Shared Secret : Select an existing Shared Secrets template: None
Shared Secret: Manual
Vendor Name: RADIUS Standard
Connection Request Policies: Overview
Policy Name: Use Windows authentication for all users
Policy State: Policy Enabled
Network Connection method: Type of network access server: Unspecified
Connection Request Policies: Conditions
Day and time restrictions: 24x7 Permitted
Connection Request Policies: Settings
Authentication Provider: Local Computer
Override Authentication: Disabled
Network Policy: Overview
Policy Name: Radius Access Policy
Policy State: Policy Enabled
Access Permission
- Grant Access.
- Ignore user account dial-in properties
Network connection method
Type of network access server: Unspecified
Network Policy: Conditions
- Windows Groups
- NAS Port Type: Wireless - IEEE 802.11
Network Policy: Constraints
Authentication Methods
- EAP Types: Microsoft Protected EAP (PEAP)
-- Less secure authentication methods:
----Microsoft Encrypted Authentication version 2 (MS-CHAP-v2), User can change password after it has expired
----Microsoft Encrypted Authentication (MS-CHAP), User can change password after it has expired
NAS Port Type
- Wireless - IEEE 802.11
Network Policy: Settings
- RADIUS Attributes: Standard
--- Service-Type: Framed
- Network Access Protection: NAP Enforcement
--- Allow full network access
--- Enable auto-remediation of client computers
- Routing and Remote Access: Multilink and Bandwidth Allocation Protocol (BAP)
--- Server settings determine multilink usage
--- Percentage of capacity: 50
--- Period of time: 2 min
- Routing and Remote Access: Encryption
--- Strongest encryption (MPPE 128 bit)
- Routing and Remote Access: IP Settings
--- Server settings determine IP address assignment
On my windows 7 machine I configured a network profile as follows:
Security Type: WPA2-Enterprise
Encryption type: AES
Choose a network authentication method: Microsoft Protected EAP (PEAP)
-- No validate server certificate
-- Select Authentication Method: Secured password (EAP-MSCHAP v2)
-- Enable Fast Reconnect
I have allowed UDP ports for 1812,1813, 1645 and 1646 on my Windows 2008 server and have disabled my firewall on my windows 7 machine.
I opened my event viewer and look at the operational log at "Applications and Services Logs\Microsoft\Windows\WLAN-AutoConfig" and these are the events logged:
Wireless security started.
Network Adapter: Intel(R) WiFi Link 1000 BGN
Interface GUID: {604bd8bd-8a9e-4175-ac7d-13bb8eacae3e}
Local MAC Address: 74:E5:0B:0D:99:48
Network SSID: Tomato24
BSS Type: Infrastructure
Peer MAC Address: C0:C1:C0:4F:23:6E
Authentication: WPA2-Enterprise
Encryption: AES
FIPS Mode: Disabled
802.1x Enabled: Yes
------------------------------------------------
Wireless 802.1x authentication was restarted.
Network Adapter: Intel(R) WiFi Link 1000 BGN
Interface GUID: {604bd8bd-8a9e-4175-ac7d-13bb8eacae3e}
Local MAC Address: 74:E5:0B:0D:99:48
Network SSID: Tomato24
BSS Type: Infrastructure
Peer MAC Address: C0:C1:C0:4F:23:6E
Eap Information: Type 25, Vendor ID 0, Vendor Type 0, Author ID 0
Restart Reason: Onex Auth Timeout
------------------------------------------------
Wireless 802.1x authentication failed.
Network Adapter: Intel(R) WiFi Link 1000 BGN
Interface GUID: {604bd8bd-8a9e-4175-ac7d-13bb8eacae3e}
Local MAC Address: 74:E5:0B:0D:99:48
Network SSID: Tomato24
BSS Type: Infrastructure
Peer MAC Address: C0:C1:C0:4F:23:6E
Identity: host/SGOOL042.ong-ong.internal
User:
Domain:
Reason: There was no response to the EAP Response Identity packet.
Error: 0x0
EAP Reason: 0x0
EAP Root cause String:
EAP Error: 0x0
------------------------------------------------
WLAN AutoConfig service failed to connect to a wireless network.
Network Adapter: Intel(R) WiFi Link 1000 BGN
Interface GUID: {604bd8bd-8a9e-4175-ac7d-13bb8eacae3e}
Connection Mode: Manual connection with a profile
Profile Name: Tomato24
SSID: Tomato24
BSS Type: Infrastructure
Failure Reason:The specific network is not available.
------------------------------------------------
The interface setting on my Linksys E3000 router:
Wireless Mode: Access Point
Wireless Network mode: B/G mixed
SSID: Tomato24
Channel: 6 - 2.437GHz
Broadcast enabled
Channel width: 20 MHz
Security: WPA2 Enterprise
Encryption: AES
Group Key Renewal: 3600 seconds
Radius Server 10.25.1.127:1812
Can someone tell me if I have missed out something? Why is it that Windows 7 client cannot connect to my Linksys router?
Thanks & Regards.