Event ID 28 — Remote RADIUS Server Response Status
Applies To: Windows Server 2008
.jpg)
When you configure Network Policy Server (NPS) as a RADIUS proxy, remote RADIUS server responses received by the NPS proxy must be valid. If remote RADIUS server responses are not valid, the NPS proxy cannot communicate with the RADIUS server, which might cause connection request processing failure.
Event Details
| Product: | Windows Operating System |
| ID: | 28 |
| Source: | NPS |
| Version: | 6.0 |
| Symbolic Name: | PROXY_E_BAD_AUTHENTICATOR |
| Message: | The RADIUS Proxy received a response from server %1 with an invalid authenticator. |
Resolve
Reconfigure, update, or replace the RADIUS server
To perform this procedure, you must be a member of Domain Admins.
To reconfigure, update, or replace the RADIUS server:
- Contact your RADIUS server vendor for configuration assistance or software or firmware updates. RADIUS server vendors might provide updates that allow the RADIUS server to send response messages that comply with the RADIUS protocol.
- If your RADIUS server vendor cannot provide reconfiguration instructions or updates that allow the RADIUS server to send RADIUS protocol-compliant messages, you must obtain and install a RADIUS protocol-compliant RADIUS server for use with NPS.
Verify
To verify that RADIUS messages are not malformed:
- On the server running NPS, start an application that is used to capture network traffic and begin a capture.
- On a computer that is configured according to network access policy to connect to the network, log on to the network with a valid user account and valid credentials through the RADIUS client that previously sent the malformed message.
- On the server running NPS, stop the network traffic capture, and then review UDP RADIUS traffic to confirm that the responses from the RADIUS server comply with the RADIUS protocol specification.