Windows XP client denied access

[blin]

New install windows 2008R2 NPS. Windows 2003R2/Windows 2008R2 AD environment. Root CA is installed on windows 2003 R2.


users on windows xp sp3 are unable to connect to wireless network. windows 7 users does not have this issue.
What am I doing wrong ? Is there a fix to this ? How do I troubleshoot if the certificate is installed correctly on the NPS server?

The event log indicates

"
Reason Code: 269
Reason: The client and server cannot communicate, because they do not possess a common algorithm.




Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 8/16/2011 2:37:41 PM
Event ID: 6273
Task Category: Network Policy Server
Level: Information
Keywords: Audit Failure
User: N/A
Computer: openradius.localdomain.com
Description:
Network Policy Server denied access to a user.

Contact the Network Policy Server administrator for more information.

User:
Security ID: LOCALDOMAIN\boygeorge
Account Name: LOCALDOMAIN\boygeorge
Account Domain: LOCALDOMAIN
Fully Qualified Account Name: LOCALDOMAIN\boygeorge

Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 000A856488B0
Calling Station Identifier: 000DF23C4F13

NAS:
NAS IPv4 Address: 192.168.0.10
NAS IPv6 Address: -
NAS Identifier: 192.168.0.10
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 2

RADIUS Client:
Client Friendly Name: Aruba 6000 controller
Client IP Address: 192.168.0.10

Authentication Details:
Connection Request Policy Name: US Aruba 6000 PEAP
Network Policy Name: US-Aruba
Authentication Provider: Windows
Authentication Server: openradius.localdomain.com
Authentication Type: PEAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 269
Reason: The client and server cannot communicate, because they do not possess a common algorithm.

[blin]

We should enroll certificates to user and computer accounts next, certificate should meet the prerequirements that listed in the article I posted previously if had already issued server certificate to NPS server.



Checklist: Configure NPS for Secure Wireless Access

http://technet.microsoft.com/en-us/libr ... 71696.aspx



But according current symptom, if clients that running other Windows versions will not be affected by this issue , we’d consider first to check the settings in wireless profile on XP clients.

Meanwhile, have configured any CA related entry in NPS policy ?



For further troubleshooting , we need to enable tracing and verify the logging files on client:



http://technet.microsoft.com/en-us/libr ... .aspx#EDAA