We have NPS running on Windows 2012 R2 Server and all of our wireless access points are configured to use it as a RADIUS server without any issues but those access points are at least a few years old.
We just bought a new wireless access point and it will not work with our existing NPS.
More details:
-all wireless access points are Cisco WAP
-I have already worked with Cisco tech support and they are convinced it is an issue with NPS after looking at debug logs and wireshark packet capture
- I added NPS role to a test server, configured it with the exact same settings as our production NPS, pointed the new AP to it and that set up worked
-I moved the test server into the same OU as the production NPS, made sure they were both fully patched, had valid certs, etc and the test server still worked and the production server didn't with the new AP
- only error message I can find was in the event viewer: An Access-Request message was received from RADIUS client valid-ip-address with a Message-Authenticator attribute that is not valid. That error makes it seem like it is an issue with the shared password but I verified a hundred times it is correct. even tried a few different simplified versions.
I have no idea what else to check.
Heath