Event ID - 24

Event Id24
SourceHRA
DescriptionThe Health Registration Authority was unable to validate the request with the Correlation ID %1 at IP address %2 (Principal: %3). The Network Policy Server had no policy matching the request (%4). See the Network Policy Server administrator for more information.
Event InformationAccording to Microsoft :
Resolve
Install or enable NPS
This error condition indicates that the NPS service is unavailable. Check that NPS is running and is not disabled, and make sure the NPS server role is installed correctly.If NPS on the local computer is configured as a RADIUS proxy, then confirm connectivity to the NAP health policy server in a remote RADIUS server group.
To perform this procedure, you must be a member of the Administrators group or must have been delegated the appropriate authority.
  • Check NPS service availability
  • Check network connectivity
Configure a RADIUS proxy
This error condition indicates that the local NPS is not configured as a RADIUS proxy to forward client health credentials to the NAP health policy server for evaluation.
Perform the following procedures to configure the local computer as a RADIUS proxy. These procedures apply if the NPS service on the local computer will forward connection requests to a remote NAP health policy server for evaluation.You should also confirm that the NAP health policy server added to remote RADIUS server groups in the first procedure is configured to evaluate NAP client heath status and has a corresponding RADIUS client entry to receive connection requests forwarded by the local computer. To determine if the RADIUS client entries are correct on remote RADIUS servers, see the section titled "Configure the NAP health policy server."
To perform this procedure,must be a member of the Administrators group or must have been delegated the appropriate authority.
Configuring a RADIUS proxy
To configure remote RADIUS server groups:
  1. On the computer where HRA is installed, click Start.
  2. Click Run, type nps.msc, and then press ENTER.
  3. In the console tree, under RADIUS Clients and Servers, right-click Remote RADIUS Server Groups, and then click New.
  4. Under Group name, type a name for the remote RADIUS server group. Click Add<, and then under Server, type the DNS name or IP address of a server running NPS that is configured to evaluate NAP Internet Protocol security (IPsec) client connection requests forwarded from the local HRA.
  5. Click Verify, and then click Resolve.
  6. Confirm that the IP address for your deployment is correct and then click OK.
  7. Click the Authentication/Accounting tab.Under Shared secret and Confirm shared secret, type the secret that is configured in NPS settings on the NAP health policy server.
  8. Click OK twice.
  9. Leave the NPS console open for the following procedure.
Configure connection request policy to forward authentication requests
Configure the NAP health policy server
This error condition indicates that configuration of the NAP health policy server is not correct for the NAP IPsec enforcement method. To configure NPS on the local computer as a NAP health policy server,must configure the following policies and settings:
  • Connection request policy
  • Network policy
  • Health policy
  • System health validators (SHVs)
Note: If other HRA servers will be configured as RADIUS proxies to forward connection requests to the local computer, then must also configure RADIUS clients.
These procedures apply only if health policies configured in NPS on the local computer will be used to evaluate the health status of NAP client computers. If you have previously configured the server running NPS as a NAP health policy server, then use the following procedures to confirm the settings.
To perform this procedure,must be a member of the Administrators group or must have been delegated the appropriate authority.
  • Configure connection request policy
  • Configure health policy
  • Configure network policy
  • Configure system health validators
Configure RADIUS clients
To configure RADIUS clients:
The configuration of RADIUS clients is optional.If your NAP health policy server recieves requests from other HRAs that are running NPS in a RADIUS proxy configuration and will forward authentication requests to the local server, you must configure NPS on the local computer to evaluate these requests and return the results of this evaluation to other HRA servers.Use the following procedure to configure the local computer to process requests recieved from remote HRA servers.
  1. On the NAP health policy server, click Start.
  2. Click Run, type nps.msc, and then press ENTER.
  3. Right-click RADIUS Clients, and then click New RADIUS Client.
  4. Under Friendly name, type a name for the RADIUS client.
  5. Under Address (IP or DNS), enter the IP address or DNS name of the remote HRA server, click Verify, and then click Resolve.
  6. Confirm that the IP address displayed corresponds to the correct remote HRA server, and then click OK.
  7. Under Shared secret and Confirm shared secret, type the secret that is configured in remote RADIUS server group settings on the remote HRA server.
  8. If the remote HRA server has enabled the Message-Authenticator attribute in its remote RADIUS server group configuration settings, then select the Access-Request messages must contain the Message-Authenticator attribute check box. If this option is not enabled on the remote HRA, then confirm that this check box is cleared.
  9. Select the RADIUS client is NAP-capable check box, and then click OK.
  10. Repeat this procedure for all remote HRA servers that are configured to forward connection requests to the current NPS.
  11. Close the NPS console.
Reset HRA
HRA runs an IIS worker process, w3wp.exe, that works with NPS to issue health certificates when a NAP client initiates a connection. If the process is idle for several minutes, the process ends until it is called again.
This error condition indicates that the NPS service has become unavailable while w3wp.exe is running, possibly due to a temporary loss of network connectivity or a restarting of the NPS service.You can wait for the w3wp.exe process to end, or you can end the current process, forcing a new w3wp.exe process to start.
To perform this procedure,must be a member of the Administrators group or must have been delegated the appropriate authority.
To end the w3wp.exe process:
  1. On the computer where HRA is installed, click Start.
  2. Right-click Command Prompt, and then click Run as Administrator.
  3. In the command window, type taskkill /F /IM w3wp.exe, and then press ENTER.
  4. Confirm that the command completed successfully.
Note: If the w3wp.exe process has ended, the command output will display "ERROR: The process "w3wp.exe" not found."
Reference LinksEvent ID 24 from HRA

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh