We are trying to set up a BYOD WLAN with Onboarding (Zero IT) but cant seem to get the register device authentication to work.
Ruckus Support have spent a lot of time to try to help with this issue remotely. They have verrified that our vSZ is configured correct and that our NPS (2012) which we use as RADIUS-server have the right policies.
Despite this we cant get the authentication to work.
When we try to authenticate in the register device portal we get "Internal server error".
The NPS logs 2 events every time; 6278 and 6272. Both with Audit Success. Both logs says that the user is granted full network access and match the policy we have set up for Secure Wireless Connection.
Ruckus Support ran a tcpdump on our vSZ to see what traffic passes during authentication and there we can see an Access Reject " Access Reject (3), id: 0x0d, Authenticator:xxxxxxxx"
vSZ is located externally and our NPS is local.
On NPS side we have port 1812 and 1813 open and we have all ports open for vSZ services on that side.
According to Ruckus Support the issue is on our RADIUS side but I cant seem to figure out where to contiune troubleshoot this as "everything is configured by the book".
If anyone would have some suggestions or input that could point me in the right direction I would appreciate it a lot.