cancel
Showing results for 
Search instead for 
Did you mean: 

Radius request to Active Directory Domain Controller running Network Policy Server suddenly stopped working

Radius request to Active Directory Domain Controller running Network Policy Server suddenly stopped working

Mattias_Anderss
New Contributor
We have a V2110 Controller set up to do authentication with RADIUS to our AD server using MSCHAP v2. But it suddenly stopped working.
In the log on the AD server I can see this many times in application log:
Negotiation failed. No available eap methods.
It never appeared before it was working and now it's showing that error a few times every minute.
I tried duplicating the Network Policy, disabling the old one and renaming the new one to the old ones name. But no luck.
Anyone else bump in to this?

10 REPLIES 10

Mattias_Anderss
New Contributor
Thanks Doug, got that fixed, the server the CA server the DC was pointing to had been turned off. Installed one locally on that DC, so I no longer get that error. I configured the NPS to match the config in your screenshots.
The clients are now prompted to accept a new certificate, which makes sense.
But now instead I get "Connection failed." when trying to connect from a Mac.
If I log on to the controller and do a test of the radius, it returns Test Completed, but with ACCESS_REJECTED. I'm guessing that is expected as it never asks for a password and I'm assuming it's just testing the actual radius connection?

Like Ron stated you would want to review the NPS Event log to see why the client failed to connect. There is usually a reason code.

Here is an example:

ecfa68fa1bbb4ea38b6248985b9f5a85_27313-oge2gj_inline.jpg


Doug Hyde
Director, Technical Support / Extreme Networks

There is only one place where I look in such case... the NPS log.
The controller is only the message forwarder between the wireless client and the NPS and has no clue what this 2 talk to each other.

Thanks. Any other ways to test what is going wrong in the auth that you can think of?
I ran wireshark on the radius server and I can see the connections coming in. But for some reason it just gets connection failed on the client side.
GTM-P2G8KFN