Server 2019 NPS & PEAP

Ben Faltys 1 Reputation point
2021-04-12T13:57:08.917+00:00

We've recently moved a bunch of network switches to use RADIUS authentication instead of local accounts. Currently, we're using EAP-MD5-Challenge as that is all the switches support. However, I recently got a copy of the newest firmware which adds PEAP. I'm certainly not an expert in the various EAP protocols. When I attempt to login to my test switch I see an event on the server for a failed login which shows an account name "anonymous" with a denied access event. From what I can tell, PEAP can use an anonymous outer identity. My assumption is that the server would then strip that to get the inner identity with the actual user name/password. In this case that doesn't seem to be happening. The switch vendor is also looking into this, but I want to be sure I understand how this should work and it would also be nice to know if I should see an event with the actual user instead of anonymous.

86981-image.png

86967-image.png

Windows for business | Windows Server | User experience | Other
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Anonymous
    2021-04-13T02:51:42.553+00:00

    Hi,

    Thanks for your posting here. Please understand, due to limit resource, we have no such switch device to test in our lab. It is hard for us to reproduce the phenomenon. In your case, we might need to trace and monitor logs to analyze the cause. However, analysis of traffic is beyond our forum support level and due to forum security policy, we have no such channel to collect user log information. So we recommend you open a case with MS Professional tech support service, they will help you open a phone or email case to Microsoft, so that you would get a technical support on a one-to-one basis while ensuring private information.

    Here is the link:

    https://support.microsoft.com/en-us/gp/customer-service-phone-numbers

    Best Regards,
    Candy

    --------------------------------------------------------------

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Ben Faltys 1 Reputation point
    2021-04-13T13:54:27.927+00:00

    I was mostly curious as to what I should see on the NPS side when PEAP authentication occurs correctly. I've located one such event and the NPS log shows the actual domain\username instead of domain\anonymous.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.