HOW to fix Event ID 6273 reason code 22

Question

HOW to fix Event ID 6273 reason code 22

Eka Putra 0

how to fix this issue. my wifi connection cant connect to Radius

Logging Results: Accounting information was written to the local log file.

Reason Code:			22

Reason:				The client could not be authenticated  because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.

Anonymous

2024-09-02T08:01:38.26+00:00

Hello,

I have not heard from you for a few days. Please let me know if there is anything that I can help here.

Best Regards,

Hania Lian
Scaggs 5 Reputation points

2024-09-24T16:41:48.84+00:00

Problem is most likely that the self signed cert broke. Yes as my last resore before blowing away the whole server is I deleted the server.domain.com cert from the Personal Store and the Trusted Root store in certmgr.msc .... Then using powershell, recreated the self signed cert using this command:

On the NPS server type:
New-SelfSignedCertificate -Subject “server1.domain.com” -DnsName “server1.domain.com”, “domain.com” -CertStoreLocation “cert:\LocalMachine\My” -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(7)

AddYears(7) makes this cert work for 7 years. Change to whatever you desire...

Note: Change server1.domain.com to whatever your server and domain are

Then once that is done, right click - export... export that cert out of your personal store and put a password on it or it wont work.

Then after it is exported, find it, right click it, click install enter the password and put it in the Trusted Root Certificate store.

Open NPS and look at your policies for EAP and make sure in the dropdown it has your new cert selected. stop and start NPS

Then try your NPS authentication again. I bet it works.

2 answers

Your answer

Anonymous

2024-09-02T08:01:38.26+00:00

Hello,

I have not heard from you for a few days. Please let me know if there is anything that I can help here.

Best Regards,

Hania Lian
Scaggs 5 Reputation points

2024-09-24T16:41:48.84+00:00

Problem is most likely that the self signed cert broke. Yes as my last resore before blowing away the whole server is I deleted the server.domain.com cert from the Personal Store and the Trusted Root store in certmgr.msc .... Then using powershell, recreated the self signed cert using this command:

On the NPS server type:
New-SelfSignedCertificate -Subject “server1.domain.com” -DnsName “server1.domain.com”, “domain.com” -CertStoreLocation “cert:\LocalMachine\My” -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(7)

AddYears(7) makes this cert work for 7 years. Change to whatever you desire...

Note: Change server1.domain.com to whatever your server and domain are

Then once that is done, right click - export... export that cert out of your personal store and put a password on it or it wont work.

Then after it is exported, find it, right click it, click install enter the password and put it in the Trusted Root Certificate store.

Open NPS and look at your policies for EAP and make sure in the dropdown it has your new cert selected. stop and start NPS

Then try your NPS authentication again. I bet it works.

Answer 1

Problem is most likely that the self signed cert broke. Yes as my last resore before blowing away the whole server is I deleted the server.domain.com cert from the Personal Store and the Trusted Root store in certmgr.msc .... Then using powershell, recreated the self signed cert using this command:

On the NPS server type: New-SelfSignedCertificate -Subject “server1.domain.com” -DnsName “server1.domain.com”, “domain.com” -CertStoreLocation “cert:\LocalMachine\My” -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(7)

AddYears(7) makes this cert work for 7 years. Change to whatever you desire...

Note: Change server1.domain.com to whatever your server and domain are

Then once that is done, right click - export... export that cert out of your personal store and put a password on it or it wont work.

Then after it is exported, find it, right click it, click install enter the password and put it in the Trusted Root Certificate store.

Open NPS and look at your policies for EAP and make sure in the dropdown it has your new cert selected. stop and start NPS

Then try your NPS authentication again. I bet it works.

Answer 2

Hello,

This error message, Reason Code 22, indicates that the client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server. This typically happens when the Network Policy Server (NPS) is unable to handle the specific EAP type being used by the client.

Here are a few steps you can take to troubleshoot this issue:

Verify EAP Configuration: Ensure that the EAP type configured on the client matches the EAP type supported by the NPS server.

Check Certificates: If you’re using certificate-based authentication (like EAP-TLS), make sure that the certificates on both the client and server are valid and properly configured.

Update NPS Policies: Review and update the NPS policies to ensure they are correctly set up to handle the EAP type in question.

Review Logs: Check the NPS logs for more detailed error messages that might give additional clues about the issue.

Best Regards,

Hania Lian

============================================

If the Answer is helpful, please click "Accept Answer" and upvote it.

Share via

HOW to fix Event ID 6273 reason code 22

2 answers

Your answer