AP 使用 RADIUS Server 认证,但是使用域用户名密码认证失败。
不能连接到网络。
这是我的 AP 配置:
使用 WPA2-Enterprise 模式也是一样。
日志信息:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: SH\testuser
Account Name: testuser
Account Domain: SH
Fully Qualified Account Name: SH\testuser
Client Machine: Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 00-1A-70-A8-FA-30
Calling Station Identifier: 00-28-F8-73-53-11
NAS:
NAS IPv4 Address: ...
NAS IPv6 Address: -
NAS Identifier: -
NAS Port-Type:
Wireless - IEEE 802.11
NAS Port: 0
RADIUS Client:
Client Friendly Name: Test
Client IP Address: ...
Authentication Details:
Connection Request Policy Name: WIFI
Network Policy Name: WIFI
Authentication Provider: Windows
Authentication Server: NPSSVR04.test.com
Authentication Type: EAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 22
Reason: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.
这是 NPS 的配置:
EAP 錯誤通常是憑證出問題造成的, 先查查你的 Server 憑證是否過期? 或者憑證的 Private key 錯誤? 或是 Root CA 過期失效?