Problems with IAS/RADIUS policies Win2003

[Guest BurtReynolds]

I'm running IAS on Windows Server 2003 Enterprise Edition and am having some

trouble with the Radius Client Access policies.

 

My understanding of IAS policies it will process the policies in order from

top to bottom. If all the conditions are not met in the first policy it will

then move on to the next policy and so on.

 

I have two policies, the first is to grant access to wireless clients using

NAS Port type 802.1x and PEAP and the second policy is for NAS Port type

802.1x and users in a Windows security group called "WirelessAccess".

 

If policy1 (802.1x and PEAP) is listed at the top clients that match it's

conditions can connect but the clients who match the second policy ( 802.1x

and Windows Group\WirelessAccess) can not connect.

 

If i then promote the second policy (802.1x and Windows

Group\WirelessAccess) to number 1 the clients that match that policy can now

connect but the clients who match the 802.1x and PEAP policy can no longer

connect.

 

Policy 1 (802.1x and PEAP) is for domain pc's and uses group policy to force

the WLAN users connect to.

 

Policy 2 ( 802.1x and Windows Group\WirelessAccess) is for limited access

WLAN.

 

I have IAS set to log the succesful and unsuccesful connections but all I

see in the logs are succesfull connections.

 

The WLAN's are being controlled by a HP Wireless Services zl Module if that

helps.

 

This is the first time I've used IAS so I'm hoping it's just something

simple I missing. Any help would be much appreciated.