radius wireless authentication failed - reason code 23

Hi,

i need to set up a radius server (the radius server resides on DC sever and it’s a Windows Server 2008 R2), for users authentication through wireless access points.

Surfing on the web, i found an useful post about setting up a radius server as in my case. You can find under the links to the posts:

Part 1) http://www.windowsnetworking.com/articles_tutorials/Setting-up-Wi-Fi-Authentication-Windows-Server-2008-Part1.html

Part 2) http://www.windowsnetworking.com/articles_tutorials/Setting-up-Wi-Fi-Authentication-Windows-Server-2008-Part2.html

What i did is exactly what you can see in the posts:

1. I created a certificate under the path “Personal” à “Certificates” in the DC sever;
2. I added a NPS server and, using the wizard, i configured it for Wireless Connections; in the authentication pane i selected “Microsoft Protected EAP (PEAP)” and configured it for using the certificate i created early in the step 1;
3. I setted up the access point in this way:
   1. Security mode: WPA2-Enterprise;
   2. Radius Server: the ip address of the NAP sever (in my case 10.254.92.10);
   3. <st1:place w:st="on"><st1:placename w:st="on">Radius</st1:placename> <st1:placetype w:st="on">Port</st1:placetype></st1:place>: 1812;
   4. Encryption: AES;
   5. Shared secret: the same of the relative client radius on the NAP server.
4. Finally on the client computer i installed the certificate i created early, and configured the wireless connection in this way:
   1. Network authentication:WPA2 (in the post he speaks about set it to “WPA2-Enterprise”, but in windows xp sp3 there isn’t any WPA2-Enterprise, just WPA2);
   2. Encryption: AES;
   3. Authentication: PEAP and in the setting tab of PEAP i selected the certificate i installed early.

Here a piece of information about network and client computer model:

1. DC = NAP = 10.254.92.10 (vsi08r2). Windows Server 2008 R2
2. Domain name = vsisrv2k;
3. AP ip address = 10.254.92.38;
4. AP model = Linksys WAP200;
5. Client radius name = vs-open;
6. Client radius ip = 10.254.92.38.
7. Client Computer = Windows XP sp3.

When i try to connect to through the AP by client (after typed user & psw), on the NAP server i always receive the following log:

<Event>

 <Timestamp data_type="4">04/20/2012 08:22:28.493</Timestamp>

 <Computer-Name data_type="1">VSI08R2</Computer-Name>

 <Event-Source data_type="1">IAS</Event-Source>

 <Class data_type="1">311 1 10.254.92.10 04/20/2012 05:45:08 8</Class>

 <Authentication-Type data_type="0">11</Authentication-Type>

  <Quarantine-Update-Non-Compliant data_type="0">1</Quarantine-Update-Non-Compliant>

  <Client-IP-Address data_type="3">10.254.92.38</Client-IP-Address>

 <Client-Vendor data_type="0">0</Client-Vendor>

 <Client-Friendly-Name data_type="1">VSI-open</Client-Friendly-Name>

 <Proxy-Policy-Name data_type="1">Connessioni wireless sicure</Proxy-Policy-Name>

 <Provider-Type data_type="0">1</Provider-Type>

 <SAM-Account-Name data_type="1">VSISRV2K\bertig</SAM-Account-Name>

 <Fully-Qualifed-User-Name data_type="1">VSISRV2K\bertig</Fully-Qualifed-User-Name>

 <NP-Policy-Name data_type="1">Connessioni wireless sicure</NP-Policy-Name>

 <Packet-Type data_type="0">3</Packet-Type>

 <Reason-Code data_type="0">23</Reason-Code>

</Event> 

Any ideas ?

Thanks.