Have been running a simple setup of IAS on windows 2000 to been able to use
Radius login from my HP switches for centralized management. After upgrade to
Windows 2003 that stopped working. I have investigated and have realized that
I can’t make IAS to accept PAP. If I change to CHAP it works fine. The
remote access policy is set to allow PAP. My logs looks like this
User roger was denied access.
Fully-Qualified-User-Name = MEAB\roger
NAS-IP-Address = 192.168.100.5
NAS-Identifier = HP ProCurve Switch 5308XL
Called-Station-Identifier = <not present>
Calling-Station-Identifier = <not present>
Client-Friendly-Name = Hp Procurve 5300
Client-IP-Address = 192.168.100.5
NAS-Port-Type = Virtual
NAS-Port = <not present>
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 16
Reason = Authentication was not successful because an unknown user name or
incorrect password was used.
|
Linear Mode
