I have a few XP Wireless Clients that are unable to connect to the NPS server. On the client, I see it keeps on trying and then it times out. On the NPS under the logs I get this event id Here is the log from NPS server: LogName: Security Source: Microsoft-Windows-Security-Auditing Date: 3/26/2012 9:13:42 AM EventID: 6273 Task Category: Network PolicyServer Level: Information Keywords: Audit Failure User: N/A. Computer: XXXX.XXXX.com Description: Network Policy Server deniedaccess to a user. Contact the Network PolicyServer administrator for more information. User: SecurityID: XXXXXX/XXXX$ AccountName: XXX.xxx.com AccountDomain: Fully Qualified Account Name: xxxx/xxxx/$ Client Machine: SecurityID: NULL SID AccountName: - Fully Qualified Account Name: - OS-Version: - Called StationIdentifier: Calling StationIdentifier: NAS: NAS IPv4Address: NAS IPv6 Address: - NASIdentifier: NASPort-Type: Wireless - IEEE 802.11 NASPort: 13 RADIUS Client: Client FriendlyName: Client IPAddress: Authentication Details: Connection Request PolicyName: SecureWireless Connections Network PolicyName: Secure Wireless Connections AuthenticationProvider: Windows AuthenticationServer: AuthenticationType: EAP EAPType: Microsoft: Smart Card or other certificate Account Session Identifier: - LoggingResults: Accounting information was written to the local log file. ReasonCode: 262 Reason: The supplied message is incomplete. The signature was not verified. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <ProviderName="Microsoft-Windows-Security-Auditing"Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" /> <EventID>6273</EventID> <Version>1</Version> <Level>0</Level> <Task>12552</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreatedSystemTime="2012-03-26T13:13:42.946725400Z" /> <EventRecordID>184207</EventRecordID> <Correlation /> <ExecutionProcessID="480" ThreadID="568" /> <Channel>Security</Channel> <Computer></Computer> <Security/> </System> <EventData> <DataName="SubjectUserSid">S-1-5-21-4194796918-174230580-1156134770-24343</Data> <DataName="SubjectUserName"></Data> <DataName="SubjectDomainName"></Data> <DataName="FullyQualifiedSubjectUserName">$</Data> <DataName="SubjectMachineSID">S-1-0-0</Data> <DataName="SubjectMachineName">-</Data> <DataName="FullyQualifiedSubjectMachineName">-</Data> <DataName="MachineInventory">-</Data> <DataName="CalledStationID"></Data> <DataName="CallingStationID"></Data> <DataName="NASIPv4Address"></Data> <DataName="NASIPv6Address">-</Data> <DataName="NASIdentifier"></Data> <DataName="NASPortType">Wireless - IEEE 802.11</Data> <DataName="NASPort">13</Data> <DataName="ClientName"></Data> <DataName="ClientIPAddress"></Data> <DataName="ProxyPolicyName">Secure Wireless Connections</Data> <DataName="NetworkPolicyName">Secure Wireless Connections</Data> <DataName="AuthenticationProvider">Windows</Data> <DataName="AuthenticationServer"></Data> <DataName="AuthenticationType">EAP</Data> <DataName="EAPType">Microsoft: Smart Card or other certificate</Data> <DataName="AccountSessionIdentifier">-</Data> <DataName="ReasonCode">262</Data> <DataName="Reason">The supplied message is incomplete. Thesignature was not verified.</Data> <DataName="LoggingResult">Accounting information was written to thelocal log file.</Data> </EventData> </Event>

Please try this and see if this helps Method 1: Disable certificate validation on the client computer To do this, follow these steps: Click Start, and then click Control Panel.Double-click Network Connections.Right-click the connection that you use to connect to the Windows Server 2003-based computer, and then click Properties.On the Authenticationtab, click Properties.Click to clear the Validate server certificate check box. Method 2: Install the trusted root certification authority on the client computer Start Microsoft Internet Explorer.In the Addressbox, type the following address: http://ServerName/certsrv Note Replace <var>ServerName</var> with the name of the server where the certification authority (CA) is stored. Click Download a CA certificate, certificate chain, or CRL.Under CA Certificate, click the CA that you want to install, and then click Download CA Certificate.On the File Downloadpage, click Open.Click Install certificate.Click Next.Click Automatically select the certificate store based on the type of certificate, and then click Next. Click Finish.

Hey , I saw this KB and I have already tried this.

What is the Encrption that you are using? WEP, WPA or WPA2 Enterprise?

WPA2 Enterpise

Make sure that the XP Client is SP3. If it is not SP3 then make sure that the hotfox is installed The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) update for Windows XP with Service Pack 2 is available http://support.microsoft.com/kb/893357 http://support.microsoft.com/kb/917021

One important thing WPA2 personal is supported only on XP 32 bit it is not supported on 64 bit. Check the hotfix it only applies to 32 bit.

Hmmmmm..I see... SO what can i do for the 64 bit machine?

We can do 2 things 1. Chnage the method of Encryption method 2. Upgrade to Win7 By the way Win XP has already reached EOL, better to upgrade.

Ok Thanks.I would upgrade to Win7. Once again thanks for the help.