This topic has several instructions you can follow when you encounter problems.
Go to: .
[Security] tabGo to the [Port-based authentication (IEEE 802.1X)] options.
[Port-based authentication (IEEE 802.1X)] optionsClick [Test the configuration].
Test configuration
Status network connectionGo to the control panel.
Touch: .
Read the [Status network connection] field. PRISMAsync Print Server displays one of the following status options.
[Unknown]
[Connection with enabled port-based authentication (IEEE 802.1X)]
[Connection with disabled port-based authentication (IEEE 802.1X)]
[Connection without support of port-based authentication (IEEE 802.1X)]
[Connection with failed port-based authentication (IEEE 802.1X)]
[No connection because network cable is not connected]
[No connection because port-based authentication (IEEE 802.1X) failed]
[Port-based authentication (IEEE 802.1X) is starting to establish a connection]
Use the vendor documentation of the switch how to display loggings. Check if a test feature is available to troubleshoot the RADIUS authentication.
In [Server Manager], click [Manage].
[Server Manager] optionsExpand [Server Roles].
Click [Network Policy and Access Services]. The Network Policy and Access Services (NPS) event logs of the last 24 hours are displayed in the [Summary] area of the right side.
Click [Go to Event Viewer].
Click the event and read the information in the [General] and [Details] tabs.
[Network Policy and Access Services]When logging is enabled, you can see information and warnings about the IEEE 802.1X communication. (4. Enable logging of events)
You can use tools (commonly named network protocol analysers) that follow frames of the IEEE 802.1X communication between PRISMA Print Server, the switch and the RADIUS Server. A frame is digital data transmission unit in networks or telecom.
The illustration below shows an example of IEEE 802.1X communication.
IEEE 802.1X communicationThe illustration below shows an example of the frames that were stored during a IEEE 802.1X session.
Frame
Frame
Frame
Frame
FrameUse the table below to solve problems.
|
Problem |
Possible cause |
Instruction |
|
|---|---|---|---|
|
1 |
There is no IEEE 802.1X communication with PRISMA Print Server |
IEEE 802.1X is not configured on PRISMA Print Server. |
|
|
2 |
There is no IEEE 802.1X communication with PRISMA Print Server because the PRISMA Print Server IEEE802.1Xconfiguration has been changed. |
After a re-installation or backup restore, the IEEE802.1X configuration has been changed. |
Configure the original IEEE802.1X settings on PRISMA Print Server. |
|
3 |
The Network Policy and Access Services (NPS) Event Viewer reports: Authentication failed due to a user credentials mismatch. |
The username or the printer name configured in the PRISMA Print Server Identity certificate does not match the username or printer name that is configured on the RADIUS server. |
Adjust the username or printer name on the RADIUS server. (2. Check if the current PRISMAsync Print Server Identity certificate is valid for IEEE 802.1X) |
|
4 |
The Network Policy and Access Services (NPS) Event Viewer reports: The certificate chain was issued by an authority that is not trusted. |
One or more CA certificates of the RADIUS server are not valid. |
Import the correct CA certificates of the RADIUS server on PRISMA Print Server. |
|
5 |
The Network Policy and Access Services (NPS) Event Viewer reports: The connection request did not match any configured network policy. |
The connection policy configured on Network Policy Server (NPS) is not correct. |
Check the connection policy configured on Network Policy Server (NPS). |
|
6 |
The Network Policy and Access Services (NPS) Event Viewer reports: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server. |
The authentication method that is configured on Network Policy Server (NPS) does not correspond to the authentication method configured on PRISMA Print Server. |
Check the connection policy configured on Network Policy Server (NPS). |
|
7 |
The Network Policy and Access Services (NPS) Event Viewer reports: The RADIUS request did not match any configured connection request policy (CRP). |
The connection request policy configured on Network Policy Server (NPS) does not correspond to a RADIUS communication request. |
Check the connection request policy configured on Network Policy Server (NPS). (4. Check the [Ethernet] Connection Request Policy) |
|
8 |
The Network Policy and Access Services (NPS) Event Viewer reports: No credentials are available in the security package. |
The authentication method of the connection policy configured on Network Policy Server (NPS) does not correspond to a RADIUS communication request. |
Check the connection policy configured on Network Policy Server (NPS). |
|
9 |
The Network Policy and Access Services (NPS) Event Viewer reports: The specified user account does not exist. |
The connection policy configured on Network Policy Server (NPS) does not correspond to the username or printer name configured on PRISMA Print Server. These names are part of the Identity certificate of PRISMA Print Server or are configured as MS-CHAP-V2 username. |
Adjust the username or printer name on the RADIUS server. (2. Check if the current PRISMAsync Print Server Identity certificate is valid for IEEE 802.1X) |
|
10 |
The Network Policy and Access Services (NPS) Event Viewer reports: An Access-Request message was received from RADIUS client <IP address of radius client -the switch- configured on the Radius Server> with a Message-Authenticator attribute that is not valid. |
|
|