Active Directory NPS无线连接无法正常工作

时间:2018-01-10 06:25:30

标签: active-directory radius radius-protocol

我最近在我的域控制器上设置了一个NPS服务器进行测试。

我创建了radius客户端和已定义的策略。还将接入点配置为与radius服务器通信。

问题是我每次尝试登录wifi都会说“连接......” 然后回到wifi状态显示“已保存”。

这是日志:

 <Event><Timestamp data_type="4">01/10/2018 16:32:59.280</Timestamp><Computer-Name data_type="1">TPSSERVER1</Computer-Name><Event-Source data_type="1">IAS</Event-Source><User-Name data_type="1">testuser</User-Name><Called-Station-Id data_type="1">9C-3D-CF-6F-59-FA:NETGEAR39-5G</Called-Station-Id><NAS-Port-Type data_type="0">19</NAS-Port-Type><NAS-Port data_type="0">1</NAS-Port><Calling-Station-Id data_type="1">7C-5C-F8-3B-8F-53</Calling-Station-Id><Connect-Info data_type="1">CONNECT 54Mbps 802.11a</Connect-Info><Acct-Session-Id data_type="1">3E123D45-00000005</Acct-Session-Id><Framed-MTU data_type="0">1400</Framed-MTU><Client-IP-Address data_type="3">192.168.0.99</Client-IP-Address><Client-Vendor data_type="0">0</Client-Vendor><Client-Friendly-Name data_type="1">Netgear Access Point</Client-Friendly-Name><Proxy-Policy-Name data_type="1">Secure Wireless Connections 2</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">THEPHOTOSTUDIO\testuser</SAM-Account-Name><Fully-Qualifed-User-Name data_type="1">THEPHOTOSTUDIO\testuser</Fully-Qualifed-User-Name><Class data_type="1">311 1 192.168.0.42 01/10/2018 04:52:10 30</Class><Authentication-Type data_type="0">5</Authentication-Type><NP-Policy-Name data_type="1">Secure Wireless Connections 2</NP-Policy-Name><Packet-Type data_type="0">1</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>

    <Event><Timestamp data_type="4">01/10/2018 16:32:59.280</Timestamp><Computer-Name data_type="1">TPSSERVER1</Computer-Name><Event-Source data_type="1">IAS</Event-Source><Class data_type="1">311 1 192.168.0.42 01/10/2018 04:52:10 30</Class><Session-Timeout data_type="0">60</Session-Timeout><Acct-Session-Id data_type="1">3E123D45-00000005</Acct-Session-Id><Client-IP-Address data_type="3">192.168.0.99</Client-IP-Address><Client-Vendor data_type="0">0</Client-Vendor><Client-Friendly-Name data_type="1">Netgear Access Point</Client-Friendly-Name><Proxy-Policy-Name data_type="1">Secure Wireless Connections 2</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">THEPHOTOSTUDIO\testuser</SAM-Account-Name><Fully-Qualifed-User-Name data_type="1">THEPHOTOSTUDIO\testuser</Fully-Qualifed-User-Name><Authentication-Type data_type="0">5</Authentication-Type><NP-Policy-Name data_type="1">Secure Wireless Connections 2</NP-Policy-Name><Packet-Type data_type="0">11</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>

    <Event><Timestamp data_type="4">01/10/2018 16:32:59.296</Timestamp><Computer-Name data_type="1">TPSSERVER1</Computer-Name><Event-Source data_type="1">IAS</Event-Source><Called-Station-Id data_type="1">9C-3D-CF-6F-59-FA:NETGEAR39-5G</Called-Station-Id><NAS-Port-Type data_type="0">19</NAS-Port-Type><NAS-Port data_type="0">1</NAS-Port><Calling-Station-Id data_type="1">7C-5C-F8-3B-8F-53</Calling-Station-Id><Connect-Info data_type="1">CONNECT 54Mbps 802.11a</Connect-Info><Acct-Session-Id data_type="1">3E123D45-00000005</Acct-Session-Id><Framed-MTU data_type="0">1400</Framed-MTU><Client-IP-Address data_type="3">192.168.0.99</Client-IP-Address><Client-Vendor data_type="0">0</Client-Vendor><Client-Friendly-Name data_type="1">Netgear Access Point</Client-Friendly-Name><User-Name data_type="1">testuser</User-Name><Proxy-Policy-Name data_type="1">Secure Wireless Connections 2</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">THEPHOTOSTUDIO\testuser</SAM-Account-Name><Fully-Qualifed-User-Name data_type="1">THEPHOTOSTUDIO\testuser</Fully-Qualifed-User-Name><Authentication-Type data_type="0">5</Authentication-Type><NP-Policy-Name data_type="1">Secure Wireless Connections 2</NP-Policy-Name><Class data_type="1">311 1 192.168.0.42 01/10/2018 04:52:10 31</Class><Packet-Type data_type="0">1</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>

    <Event><Timestamp data_type="4">01/10/2018 16:32:59.296</Timestamp><Computer-Name data_type="1">TPSSERVER1</Computer-Name><Event-Source data_type="1">IAS</Event-Source><Class data_type="1">311 1 192.168.0.42 01/10/2018 04:52:10 31</Class><Session-Timeout data_type="0">30</Session-Timeout><Acct-Session-Id data_type="1">3E123D45-00000005</Acct-Session-Id><Client-IP-Address data_type="3">192.168.0.99</Client-IP-Address><Client-Vendor data_type="0">0</Client-Vendor><Client-Friendly-Name data_type="1">Netgear Access Point</Client-Friendly-Name><Proxy-Policy-Name data_type="1">Secure Wireless Connections 2</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">THEPHOTOSTUDIO\testuser</SAM-Account-Name><Fully-Qualifed-User-Name data_type="1">THEPHOTOSTUDIO\testuser</Fully-Qualifed-User-Name><Authentication-Type data_type="0">5</Authentication-Type><NP-Policy-Name data_type="1">Secure Wireless Connections 2</NP-Policy-Name><Packet-Type data_type="0">11</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>

    <Event><Timestamp data_type="4">01/10/2018 16:32:59.311</Timestamp><Computer-Name data_type="1">TPSSERVER1</Computer-Name><Event-Source data_type="1">IAS</Event-Source><Called-Station-Id data_type="1">9C-3D-CF-6F-59-FA:NETGEAR39-5G</Called-Station-Id><NAS-Port-Type data_type="0">19</NAS-Port-Type><NAS-Port data_type="0">1</NAS-Port><Calling-Station-Id data_type="1">7C-5C-F8-3B-8F-53</Calling-Station-Id><Connect-Info data_type="1">CONNECT 54Mbps 802.11a</Connect-Info><Acct-Session-Id data_type="1">3E123D45-00000005</Acct-Session-Id><Framed-MTU data_type="0">1400</Framed-MTU><Client-IP-Address data_type="3">192.168.0.99</Client-IP-Address><Client-Vendor data_type="0">0</Client-Vendor><Client-Friendly-Name data_type="1">Netgear Access Point</Client-Friendly-Name><User-Name data_type="1">testuser</User-Name><Proxy-Policy-Name data_type="1">Secure Wireless Connections 2</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">THEPHOTOSTUDIO\testuser</SAM-Account-Name><Fully-Qualifed-User-Name data_type="1">THEPHOTOSTUDIO\testuser</Fully-Qualifed-User-Name><Authentication-Type data_type="0">5</Authentication-Type><NP-Policy-Name data_type="1">Secure Wireless Connections 2</NP-Policy-Name><Class data_type="1">311 1 192.168.0.42 01/10/2018 04:52:10 32</Class><Packet-Type data_type="0">1</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>

    <Event><Timestamp data_type="4">01/10/2018 16:32:59.311</Timestamp><Computer-Name data_type="1">TPSSERVER1</Computer-Name><Event-Source data_type="1">IAS</Event-Source><Class data_type="1">311 1 192.168.0.42 01/10/2018 04:52:10 32</Class><Acct-Session-Id data_type="1">3E123D45-00000005</Acct-Session-Id><Session-Timeout data_type="0">30</Session-Timeout><Client-IP-Address data_type="3">192.168.0.99</Client-IP-Address><Client-Vendor data_type="0">0</Client-Vendor><Client-Friendly-Name data_type="1">Netgear Access Point</Client-Friendly-Name><Proxy-Policy-Name data_type="1">Secure Wireless Connections 2</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">THEPHOTOSTUDIO\testuser</SAM-Account-Name><Fully-Qualifed-User-Name data_type="1">THEPHOTOSTUDIO\testuser</Fully-Qualifed-User-Name><Authentication-Type data_type="0">5</Authentication-Type><NP-Policy-Name data_type="1">Secure Wireless Connections 2</NP-Policy-Name><Packet-Type data_type="0">11</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>

我也尝试过改变无线接入点,但结果相同。

有什么想法吗?

1 个答案:

答案 0 :(得分:0)

我解决了这个问题。

显然,服务器正在对用户进行身份验证,但无法向radius客户端验证自己。

我们需要向NPS服务器添加不同的新证书。

所以在NPS管理控制台中,策略 - &gt;网络政策 - &gt; (选择您的政策) - &gt;约束 - &gt;认证方法 - &gt;在EAP类型框中选择Microsoft:受保护的EAP(PEAP) - &gt;编辑并将颁发的证书更改为最后一个选项。 - &gt; OK - &gt;应用