| Event Id | 31 |
| Source | NPS |
| Description | The RADIUS Proxy received a response from server %1 with the Code field set to the invalid value of %2. Valid values of the Code field are documented in RFC 2865. |
| Event Information | According to Microsoft : Cause : This event is logged when the RADIUS proxy received a response from server with an invalid message authenticator attribute. Resolution : Reconfigure, update, or replace the RADIUS server To perform this procedure, you must be a member of Domain Admins . To reconfigure, update, or replace the RADIUS server: 1.Contact your RADIUS server vendor for configuration assistance or software or firmware updates. RADIUS server vendors might provide updates that allow the RADIUS server to send response messages that comply with the RADIUS protocol. 2.If your RADIUS server vendor cannot provide reconfiguration instructions or updates that allow the RADIUS server to send RADIUS protocol-compliant messages, you must obtain and install a RADIUS protocol-compliant RADIUS server for use with NPS. Verify : To verify that RADIUS messages are not malformed: 1.On the server running NPS, start an application that is used to capture network traffic and begin a capture. 2.On a computer that is configured according to network access policy to connect to the network, log on to the network with a valid user account and valid credentials through the RADIUS client that previously sent the malformed message. 3 .On the server running NPS, stop the network traffic capture, and then review UDP RADIUS traffic to confirm that the responses from the RADIUS server comply with the RADIUS protocol specification. |
| Reference Links | Event ID 31 from Source NPS |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.