Tekradius Enterprise LT 5.7

[DiethardW]

Hi,

im testing 802.1x (via cable from Switch and via Wifi).

When im using local users in Tekradios everything is working fine.

But i want to use a check against an AD Group with the authentication proxy option.

The Main Problem is that it tries to auth against the domain but always get an "lsalogonuser failed for domain\username (unknown user or wrong password, 0) [4]"

PEAPv0-MS-CHAP v2 failed for user ' domain\username ', sending Access-Reject (Default).

(whats the "(default)" here?)

When trying to often my account gets locked out (so tekradius is trying to authenticate against the right user and is reaching the DC).

What ive done so far

Run Tekradius as service user (Local Admin + WAA Group in AD)

I tried every solution i can find (dont use a group, use a group with check "authentication method ad" and/or "active directory-group" check and clicking on the ad group (so he can also read the ad).

maybe you have an idea?

[DiethardW]

ah sorry - trying to use eap-peap authentication (when this is working i try eap-tls)

[Yasin KAPLAN]

You should able to use PEAP authentication with Active Directory proxy. (default) is the local TekRADIUS user groups is being matched. You can find more details at Windows Event Log / Security.