Hi,
I have configured an NPS server in Server 2019 standard.
PEAP/Secured Password (EAP-MSCHAP2 v2) is working perfectly.
PEAP/Smart card or other certificate is not working.
The test client workstation has the correct new domain computer/user CA certificate installed and NPS server has the correct CA certificates installed and is enabled to perform domain authentication.
Does anyone have any ideas what might be the problem?
Here is an example of NPS server log:
<Event><Timestamp data_type="4">04/06/2021 10:42:53.944</Timestamp><Computer-Name data_type="1">NPS01</Computer-Name><Event-Source data_type="1">IAS</Event-Source><Service-Type data_type="0">2</Service-Type><Framed-MTU data_type="0">9198</Framed-MTU><Called-Station-Id data_type="1">00-62-EC-18-CD-81</Called-Station-Id><Calling-Station-Id data_type="1">54-EE-75-31-24-20</Calling-Station-Id><Framed-IP-Address data_type="3">172.18.110.3</Framed-IP-Address><NAS-IP-Address data_type="3">172.18.114.2</NAS-IP-Address><NAS-Port-Id data_type="1">GigabitEthernet1/0/1</NAS-Port-Id><NAS-Port-Type data_type="0">15</NAS-Port-Type><NAS-Port data_type="0">50101</NAS-Port><Client-IP-Address data_type="3">172.18.114.2</Client-IP-Address><Client-Vendor data_type="0">9</Client-Vendor><Client-Friendly-Name data_type="1">Switch</Client-Friendly-Name><Cisco-AV-Pair data_type="1">method=dot1x</Cisco-AV-Pair><Cisco-AV-Pair data_type="1">service-type=Framed</Cisco-AV-Pair><Cisco-AV-Pair data_type="1">audit-session-id=0A9C2582000010E46DA2F630</Cisco-AV-Pair><User-Name data_type="1">host/test500.DOMAIN.com</User-Name><Proxy-Policy-Name data_type="1">CERTIFIKAT</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">DOMAIN\TEST500$</SAM-Account-Name><Fully-Qualifed-User-Name data_type="1">DOMAIN\TEST500$</Fully-Qualifed-User-Name><Authentication-Type data_type="0">5</Authentication-Type><NP-Policy-Name data_type="1">Copy of Certifikat - TEST</NP-Policy-Name><Class data_type="1">311 1 172.18.66.62 04/05/2021 08:54:19 1589</Class><Packet-Type data_type="0">1</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>
<Event><Timestamp data_type="4">04/06/2021 10:42:53.944</Timestamp><Computer-Name data_type="1">NPS01</Computer-Name><Event-Source data_type="1">IAS</Event-Source><Class data_type="1">311 1 172.18.66.62 04/05/2021 08:54:19 1589</Class><Session-Timeout data_type="0">60</Session-Timeout><NP-Policy-Name data_type="1">Copy of Certifikat - TEST</NP-Policy-Name><Client-IP-Address data_type="3">172.18.114.2</Client-IP-Address><Client-Vendor data_type="0">9</Client-Vendor><Client-Friendly-Name data_type="1">Switch</Client-Friendly-Name><Authentication-Type data_type="0">5</Authentication-Type><Proxy-Policy-Name data_type="1">CERTIFIKAT</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">DOMAIN\TEST500$</SAM-Account-Name><Fully-Qualifed-User-Name data_type="1">DOMAIN\TEST500$</Fully-Qualifed-User-Name><Packet-Type data_type="0">11</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>