Wireless Provisioning Servives Guest login disconnection

Discussion in 'Wireless Networking' started by white_cs, May 30, 2005.

  1. white_cs

    white_cs Guest

    Hi,

    I am trying to test a Microsoft Wireless Provisioning Services (WPS)
    setup.

    The client is a laptop with XP SP2, the access point is an Aironet 1200
    and the RADIUS server is Radiator.

    I have been able to get successful PEAP 802.1x authentication working
    when I manually configure the XP client (i.e. using PEAP authentication
    with MS-CHAPv2 with a known username/password).
    By successful I mean that the 802.1x authentication completes and the
    laptop gets an IP address via DHCP through which I can then access the
    network at large. So I think I have the basic PEAP authentication with
    a non-Microsoft RADIUS server working.

    However, when I attempt to use WPS guest mode I get a problem as
    follows:
    1. I connect to SSID 'wps'. PEAP auth for the first time seems to go
    OK and see that WLAN associates and gets IP address via DHCP.
    2. Window popup asking if client can download provisioning info.
    Note that the 'Download' button is inactive for 4 seconds and then
    becomes active (this is mentioned in WZCDLG logs)
    3. By the time the 'Download' button is active, the WLAN interface
    is no longer associated.
    4. I have waited variable lengths of time (up to 20 minutes) before
    pressing 'Download' button but in all cases behaviour is the same. i.e.
    client says it is now retrieving files. It waits for a while (1
    minute?) and then does PEAP authentication to AP for a second time.
    5. This succeeds and it associates again and gets IP address by
    DHCP. Within several seconds it disconnects again and get error popup
    saying network is unavailable.

    I also noticed a DHCP event 1006 in the 'Event Viewer' on the client.
    This is a DHCP warning and it occurs when the client authenticates the
    second time after dropping out initially. It says it got a DHCP address
    already in use and so it will shut down the interface until it gets a
    proper one. However, as far as I can tell from the packet traces, it
    gets an unused DHCP address so I don't know what is causing this error.

    The other confusing issue is that I have had the second connection (in
    step 5) stay up on a couple of occasions and then the client attempted
    to download the XML provisioning files. When this happened it still
    had the initial disconnection and reconnection though. But, apart from
    a couple of successes my countless other attempted connections have
    failed as described above.

    Does anyone know the cause of this problem? Should there be an initial
    disconnction as in step 3? Why might the second connection fail? Why is
    DHCP failing?

    I would appreciate any help.
     
    white_cs, May 30, 2005
    #1
    1. Advertising

  2. white_cs

    white_cs Guest

    I found the problem. The following description maybe of use if other
    people have similar problems.

    The first DHCP disconnection seems to be normal. The first time a
    connection is made is within the function
    CWZCQuickCfg::ConnectAsGuestToDiscoverWisp which disconnects once a
    WISP has been discovered. The second connection is within the function
    CWZCQuickCfg::ConnectAsGuestAndDownloadWispPackage which will actually
    attempt to download.

    The second disconnection was a problem however. The immediate reason
    for the second disconnection was that the Network Provisioning Service
    seemed to be confused after an earlier failure. After an earlier
    download had failed, the registry key was set for the WISP under
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xmlprov\Parameters\Domains\www.foo.com.
    However, no XML files had been downloaded successfully into
    C:\Documents and Settings\All Users\Application
    Data\Microsoft\Provisioning\Master\www.foo.com. So when it came time
    to get the provisioning data, the Provisioning Service seemed to think
    it had the data (since the registry key was set) and hence wouldn't
    attempt to download it again. But when it went to read the data the
    files weren't there so it bailed out and disconnected (which in turn
    caused the DHCP error).

    The root cause of this problem was that the certificate had expired on
    the web server containing the provisioning XML files and this caused
    the the download to fail. However I had trouble finding out that this
    was the error.
    The first places I looked were the event viewer and the logs:
    - The error reported by the Network Provisioning Server in the Event
    Viewer was 40004 "Maximum file size constraints for domain www.foo.com
    have been exceeded. The reason is 'One or more maximum file size
    constraints were exceeded.'".
    - The error in WZCDLG was "CWZCQuickCfg ERROR:(0x80004005):Connection
    Failed
    Unspecified error".
    - The error in XMLProv was
    [208] 09:50:14: /---CXmlProvJob::JobError
    [208] 09:50:14: | BITS Job : {123456-1234-ABCD-DCBA-123456789AB}

    [208] 09:50:14: | Invalid state [current BG_JOB_STATE : (4)]

    [208] 09:50:14: | /---CXmlProvDomain::RemoveJobFromJob
    [208] 09:50:14: || Queued a domain work item to remove a job!

    [208] 09:50:14: | \___CXmlProvDomain::RemoveJobFromJob
    [208] 09:50:14: \___CXmlProvJob::JobError
    which at least prompted me to investigate BITS.

    I eventually found out the error using the BITSAdmin tool since BITS is
    used to manage the download. The following command showed the problem:

    C:\Documents and Settings\demo>bitsadmin /list /allusers /verbose

    BITSADMIN version 2.0 [ 6.6.2600.2180 ]
    BITS administration utility.
    (C) Copyright 2000-2004 Microsoft Corp.

    GUID: {123456-1234-ABCD-DCBA-123456789AB} DISPLAY: www.foo.com
    TYPE: DOWNLOAD STATE: ERROR OWNER: NT AUTHORITY\SYSTEM
    PRIORITY: FOREGROUND FILES: 0 / 1 BYTES: 0 / UNKNOWN
    CREATION TIME: 1/06/2005 10:43:19 AM MODIFICATION TIME: 2/06/2005
    1:24:04 PM
    COMPLETION TIME: UNKNOWN ACL FLAGS:
    NOTIFY INTERFACE: UNREGISTERED NOTIFICATION FLAGS: 11
    RETRY DELAY: 600 NO PROGRESS TIMEOUT: 1209600 ERROR COUNT: 24
    PROXY USAGE: NO_PROXY PROXY LIST: NULL PROXY BYPASS LIST: NULL
    ERROR FILE: https://www.foo.com/provisioning/master.xml ->
    C:\Documents and Settings\All Users\Application
    Data\Microsoft\Provisioning\Temp\www.foo.com.xml
    ERROR CODE: 0x80072f05 - The date in the certificate is invalid or
    has expired
    ERROR CONTEXT: 0x00000005 - The error occurred while the remote file
    was being processed.
    DESCRIPTION:
    JOB FILES:
    0 / UNKNOWN WORKING
    https://www.foo.com/portal/provisioning/master.xml -> C:\Documents and
    Settings\All Users\Application
    Data\Microsoft\Provisioning\Temp\www.foo.com.xml
    NOTIFICATION COMMAND LINE: none

    Once I updated the certificate the download workd fine and I got the
    signup wizard and could make progress.
     
    white_cs, Jun 6, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Bryan S. Burgin [MSFT]

    Wireless Provisioning Services (WPS) documentation now available

    Bryan S. Burgin [MSFT], Aug 19, 2004, in forum: Wireless Networking
    Replies:
    0
    Views:
    1,275
    Bryan S. Burgin [MSFT]
    Aug 19, 2004
  2. =?Utf-8?B?ZGVoZWluejE=?=

    Wireless Provisioning Service

    =?Utf-8?B?ZGVoZWluejE=?=, Mar 2, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    1,295
    Oliver Saal [MS]
    Mar 16, 2005
  3. =?Utf-8?B?U2VyZ2V5?=

    Wireless Provisioning Services

    =?Utf-8?B?U2VyZ2V5?=, Nov 17, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    831
    T O M E I R I K J E N S E N
    Nov 23, 2005
  4. T O M   E I R I K   J E N S E N

    Wireless Provisioning Services ! Someone working with it now ?

    T O M E I R I K J E N S E N, Nov 23, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    772
    Tom Eirik Jensen
    Nov 25, 2005
  5. Mike Webb

    Guest network asks for proxy login & password -- Why?

    Mike Webb, Sep 10, 2007, in forum: Wireless Networking
    Replies:
    0
    Views:
    459
    Mike Webb
    Sep 10, 2007
Loading...

Share This Page