failover NAP for two domains.

A

Anahaym

There are two domains in different forests with trusts. Each domain has NAP and AD CA installed. I configure authentication based on computer certificate [on the switch] for wired connections. The task is to make it so that when one of the NAP is unavailable the second NAP served for two domains. I've added the root certificates on each NAP but authentication is failed. The logs from the second NAP:

"VNAP02","IAS",07/23/2019,17:40:13,1,"host/DOM1-NB10.domain.local","domain.local/DOM1_Computer/DOM1-NB10","54-80-28-a0-07-c0","e8-6a-64-77-3f-14",,,"HP","192.168.0.23",35,0,"192.168.0.23","HP 2530-48G Switch",,,15,"CONNECT Ethernet 1000Mbps Full duplex",1,2,5,"Port Authentication",0,"311 1 192.168.0.8 06/29/2019 11:51:05 15528",,,,,,,,,,,,,,,,,,13,6,,,,"1",,,,,,11,,,,,"Use Windows authentication for all users",1,,,,
"VNAP02","IAS",07/23/2019,17:40:13,11,,"domain.local/DOM1_Computer/DOM1-NB10",,,,,,,,0,"192.168.0.23","HP 2530-48G Switch",,,,,,,5,"Port Authentication",0,"311 1 192.168.0.8 06/29/2019 11:51:05 15528",30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Use Windows authentication for all users",1,,,,
"VNAP02","IAS",07/23/2019,17:40:13,1,"host/DOM1-NB10.domain.local","domain.local/DOM1_Computer/DOM1-NB10","54-80-28-a0-07-c0","e8-6a-64-77-3f-14",,,"HP","192.168.0.23",35,0,"192.168.0.23","HP 2530-48G Switch",,,15,"CONNECT Ethernet 1000Mbps Full duplex",1,2,5,"Port Authentication",0,"311 1 192.168.0.8 06/29/2019 11:51:05 15529",,,,,,,,,,,,,,,,,,13,6,,,,"1",,,,,,11,,,,,"Use Windows authentication for all users",1,,,,
"VNAP02","IAS",07/23/2019,17:40:13,11,,"domain.local/DOM1_Computer/DOM1-NB10",,,,,,,,0,"192.168.0.23","HP 2530-48G Switch",,,,,,,5,"Port Authentication",0,"311 1 192.168.0.8 06/29/2019 11:51:05 15529",30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Use Windows authentication for all users",1,,,,
"VNAP02","IAS",07/23/2019,17:40:13,1,"host/DOM1-NB10.domain.local","domain.local/DOM1_Computer/DOM1-NB10","54-80-28-a0-07-c0","e8-6a-64-77-3f-14",,,"HP","192.168.0.23",35,0,"192.168.0.23","HP 2530-48G Switch",,,15,"CONNECT Ethernet 1000Mbps Full duplex",1,2,5,"Port Authentication",0,"311 1 192.168.0.8 06/29/2019 11:51:05 15530",,,,,,,,,,,,,,,,,,13,6,,,,"1",,,,,,11,,,,,"Use Windows authentication for all users",1,,,,
"VNAP02","IAS",07/23/2019,17:40:13,11,,"domain.local/DOM1_Computer/DOM1-NB10",,,,,,,,0,"192.168.0.23","HP 2530-48G Switch",,,,,,,5,"Port Authentication",0,"311 1 192.168.0.8 06/29/2019 11:51:05 15530",30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Use Windows authentication for all users",1,,,,
"VNAP02","IAS",07/23/2019,17:40:20,1,"host/DOM1-NB10.domain.local","domain.local/DOM1_Computer/DOM1-NB10","54-80-28-a0-07-c0","e8-6a-64-77-3f-14",,,"HP","192.168.0.23",35,0,"192.168.0.23","HP 2530-48G Switch",,,15,"CONNECT Ethernet 1000Mbps Full duplex",1,2,5,"Port Authentication",0,"311 1 192.168.0.8 06/29/2019 11:51:05 15531",,,,"Microsoft: Smart Card or other certificate",,,,,,,,,,,,,,13,6,,,,"1",,,,,,11,,,,,"Use Windows authentication for all users",1,,,,
"VNAP02","IAS",07/23/2019,17:40:20,3,,"domain.local/DOM1_Computer/DOM1-NB10",,,,,,,,0,"192.168.0.23","HP 2530-48G Switch",,,,,,,5,"Port Authentication",265,"311 1 192.168.0.8 06/29/2019 11:51:05 15531",,,,"Microsoft: Smart Card or other certificate",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"Use Windows authentication for all users",1,,,,

What should I configure?

Continue reading...
 
You must log in or register to reply here.

Similar threads

B
  • Article
Announcing Windows 11 Insider Preview Build 23506
Replies
0
Views
151
Brandon LeBlanc
B
B
  • Article
Announcing Windows 11 Insider Preview Build 23493
Replies
0
Views
153
Brandon LeBlanc
B
A
  • Article
Shopping for grads and dads? Check out these Windows 11 PCs for school, work and gaming
Replies
0
Views
276
Athima Chansanchai, Writer
A
W
Windows 10 Join Domain BSOD apc index mistmatch
Replies
0
Views
308
Wong Wing Kin
W
C
what is eventtype PCA2 and how can i fix it?
Replies
0
Views
460
Cintagram
C
Back
Top Bottom