I am having a weird problem regarding NPS Server when I upgraded my vpn servers from server 2008 R2 to Server 2012 R2. Actually in my infrasturcture I have a Windows 2008 R2 based AD and in its domain I have an NPS server joined as member server. This NPS server is based on server 2012 R2, when I upgraded my VPN servers from server 2008 R2 to server 2012 R2 the IKEv2 stops working every other protocols works on windows 7 when I try to connect using IKEv2 it hangs at verifying username and password nad when I tested IKEv2 in Win 8 it says IKE authentication credentials are unacceptable, inspite that my server certificate is valid EKU compatible. When I connected IKEv2 via my other server whose server 2008 R2 based VPN Server The IKEv2 works like a charm without any issues successfully authenticating. The problem seems to be with Server 2012 R2 based RRAS VPN Server.On my both server 2012 VPN and server 2008 R2 VPN servers the NPS server is added in the Radius Authentication. With options of MS-CHAPv2 and EAP selected in authentication options.
I try to connect to the VPN server from Windows 8 "13801: IKE authentication credentials are unacceptable." When I try to connect via Win 7 Client the session hangs at verifying username and password. In the event logs I see this error.. after this error the session just hangs at verifying username and password.....
s2.JPG 56.74KB 0 downloads
When I run the Best Practice Analyzer for Routing and Remote Access Services (RRAS) on the server I received two highlighted warning regarding server certificates. Any clues whats the problem with IKEv2....
s1.JPG 78.55KB 0 downloads
Please help me in this regards....this problem is driving me nuts...!!!