MS NPS denying access, can't validate server certificate

Posted by Fred Weston on Server Fault See other posts from Server Fault or by Fred Weston
Published on 2014-04-14T19:53:38Z Indexed on 2014/06/02 15:32 UTC
Read the original article Hit count: 1690

Filed under:

At my office we use a Cisco WLC2504 wireless controller and starting about a week ago we started having problems with users connecting to one of our secure wireless network. We are running AD on Windows Server 2008 R2 and use network policy server to control access to our wireless network.

When I look at the logs in event viewer after a failed connection attempt I see an access reject message:

Reason Code: 262 Reason: The supplied message is incomplete. The signature was not verified.

Looking this up on Google I found this article: http://support.microsoft.com/kb/838502

I tried disabling server certificate validation on my computer and as soon as I did that I was able to connect to the network, so it seems that there is some sort of certificate validation issue.

I'm not sure which certificate is unable to be validated or how to fix it. This used to work and stopped suddenly by itself so I am thinking a certificate may have expired.

When I go to NPS > Policies > Network Policies > My policy > Constraints > Auth methods > Microsoft PEAP and view the properties, the certificae specified here expires in 2016, so doesn't seem as though this could be the problem.

Any suggestions on how to troubleshoot this issue?

© Server Fault or respective owner

Related posts about nps