Hello Experts,

I have a WindowsNT4.0 domain, Windows2003 IAS with self-signed cert., and a
Cisco AP1242AG setup to use WPA2.
I cannot seem to get a domain user to authenticate.
I'm looking for some help to figure it out.
I receive 2 EventID's in the System log on the IAS server, see below:
Event Type: Warning
Event Source: IAS
Event Category: None
Event ID: 2
Date: 11/5/2008
Time: 10:27:08 AM
User: N/A
Computer: AUTH01
Description:
User test was denied access.
Fully-Qualified-User-Name = OURDOMAINHERE\test
NAS-IP-Address = 172.16.17.228
NAS-Identifier = ap
Called-Station-Identifier =
Calling-Station-Identifier =
Client-Friendly-Name = AP01Bldg10Warehouse
Client-IP-Address = 172.16.17.228
NAS-Port-Type = Async
NAS-Port =
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server =
Policy-Name = Connections to other access servers
Authentication-Type = PAP
EAP-Type =
Reason-Code = 66
Reason = The user attempted to use an authentication method that is not
enabled on the matching remote access policy.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data: 0000: 00 00 00 00 ....

Event Type: Error
Event Source: IAS
Event Category: None
Event ID: 5052
Date: 11/5/2008
Time: 10:27:08 AM
User: N/A
Computer: AUTH01
Description:
There is no domain controller available for domain OURDOMAINHERE.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

NAS-Port-Type = Async could be the problem. This post may help too.

Event ID 2: Reason-Code = 668 posts - 2 authors - Last post: Mar 7
Posted: Sun Apr 15, 2007 10:41 pm Post subject: Event ID 2:
Reason-Code = 66 .... Before Event ID 2, the IAS server also lists this
event ...
http://www.chicagotech.net/netforums...opic.php?t=664


--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Starrett" wrote in message
news:A247DE29-6699-496B-AE1D-D9215053E5CD@microsoft.com...
> Hello Experts,
>
> I have a WindowsNT4.0 domain, Windows2003 IAS with self-signed cert., and
> a
> Cisco AP1242AG setup to use WPA2.
> I cannot seem to get a domain user to authenticate.
> I'm looking for some help to figure it out.
> I receive 2 EventID's in the System log on the IAS server, see below:
> Event Type: Warning
> Event Source: IAS
> Event Category: None
> Event ID: 2
> Date: 11/5/2008
> Time: 10:27:08 AM
> User: N/A
> Computer: AUTH01
> Description:
> User test was denied access.
> Fully-Qualified-User-Name = OURDOMAINHERE\test
> NAS-IP-Address = 172.16.17.228
> NAS-Identifier = ap
> Called-Station-Identifier =
> Calling-Station-Identifier =
> Client-Friendly-Name = AP01Bldg10Warehouse
> Client-IP-Address = 172.16.17.228
> NAS-Port-Type = Async
> NAS-Port =
> Proxy-Policy-Name = Use Windows authentication for all users
> Authentication-Provider = Windows
> Authentication-Server =
> Policy-Name = Connections to other access servers
> Authentication-Type = PAP
> EAP-Type =
> Reason-Code = 66
> Reason = The user attempted to use an authentication method that is not
> enabled on the matching remote access policy.
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> Data: 0000: 00 00 00 00 ....
>
> Event Type: Error
> Event Source: IAS
> Event Category: None
> Event ID: 5052
> Date: 11/5/2008
> Time: 10:27:08 AM
> User: N/A
> Computer: AUTH01
> Description:
> There is no domain controller available for domain OURDOMAINHERE.
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>