Problem Cisco 877W RADIUS problem

Discussion in 'Networks' started by RaymondTH, Oct 2, 2012.

  1. RaymondTH

    RaymondTH New Member

    I'm trying to set up a Cisco 877W for wireless access with two SSIDs (one to bypass the TMG server). I've set up NPS on Server 2008 R2 for Cisco, but I'm not even getting as far as the RADIUS prompt. I've tried connecting and I simply get a generic "failed to connect" exception.

    I plan on using my own DHCP servers, so I'd just like to get clients as far as "limited connectivity".


    My config is below, if anyone can suggest what's stopping me from connecting.

    Code:
      
    ! Global services and logging for the router described in the post.
    ! 
    version 15.1
    no service pad
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    ! service password-encryption stores passwords as type 7, which is a
    ! reversible encoding and not a hash. Any type 7 string left in a shared
    ! copy of this config should be treated as the cleartext password.
    service password-encryption
    service sequence-numbers
    !
    hostname Cisco877W
    !
    boot-start-marker
    boot-end-marker
    !
    !
    ! Log to a 51200-byte local buffer and to the console at informational level.
    logging buffered 51200
    logging console informational
    !
    ! AAA setup: named RADIUS server groups and the method lists that the
    ! dot11 SSIDs and the vty lines refer to by name.
    aaa new-model
    !
    !
    ! All five populated groups point at the same server, 10.0.0.3.
    aaa group server radius rad_eap
     server 10.0.0.3
    !
    aaa group server radius rad_mac
     server 10.0.0.3
    !
    aaa group server radius rad_acct
     server 10.0.0.3
    !
    aaa group server radius rad_admin
     server 10.0.0.3
    !
    aaa group server radius rad_pmip
     server 10.0.0.3
    !
    ! Empty group: no server is listed under it.
    aaa group server radius dummy
    !
    ! local_authen -> local user database (used by line vty 0 4).
    aaa authentication login local_authen local
    ! eap_methods -> RADIUS group rad_eap (used by both SSIDs for EAP).
    aaa authentication login eap_methods group rad_eap
    ! mac_methods -> local user database only; rad_mac is defined above but is
    ! not referenced here. NOTE(review): the only local user in this listing is
    ! localadmin, so no MAC-address entries are visible for this list to match.
    ! Confirm whether MAC entries exist or whether MAC authentication is wanted.
    aaa authentication login mac_methods local
    aaa authorization exec local_author local 
    aaa authorization ipmobile default group rad_pmip 
    aaa accounting network acct_methods start-stop group rad_acct
    !
    !
    !
    !
    !
    aaa session-id common
    ! Self-signed PKI trustpoint. The certificate body is not present in this
    ! listing (only the closing "quit" remains), and revocation checking is
    ! disabled for the trustpoint.
    crypto pki token default removal timeout 0
    !
    crypto pki trustpoint TP-self-signed-3982983999
     enrollment selfsigned
     subject-name cn=IOS-Self-Signed-Certificate-3982983999
     revocation-check none
     rsakeypair TP-self-signed-3982983999
    !
    !
    crypto pki certificate chain TP-self-signed-3982983999
     certificate self-signed 01 
      	quit
    ! Wireless SSID definitions. Both SSIDs carry identical authentication
    ! settings, so the guest SSID is held to the same EAP and MAC method lists
    ! as the domain SSID; only the VLAN differs.
    !
    ! NOTE(review): "authentication open mac-address mac_methods eap eap_methods"
    ! has no "alternate" keyword. As I read the IOS access-point syntax, that
    ! makes MAC authentication (list mac_methods, which is local-only) mandatory
    ! in addition to EAP. Verify against the command reference for this image.
    !
    ! NOTE(review): Dot11Radio0 sets aes-ccm ciphers for VLANs 2 and 3, but no
    ! "authentication key-management" line appears under either SSID. Confirm
    ! whether key management must be enabled for these ciphers to be usable.
    dot11 syslog
    dot11 vlan-name GuestWiFi vlan 3
    dot11 vlan-name ADDomain-WiFi-Access vlan 2
    !
    dot11 ssid Guest WiFi
     vlan 3
     authentication open mac-address mac_methods eap eap_methods 
     authentication network-eap eap_methods mac-address mac_methods 
     accounting acct_methods
     mbssid guest-mode
    !
    dot11 ssid MyAD.Domain
     vlan 2
     authentication open mac-address mac_methods eap eap_methods 
     authentication network-eap eap_methods mac-address mac_methods 
     accounting acct_methods
     mbssid guest-mode
    !
    ! Global IP settings and the local administrator account.
    ! ip source-route leaves IP source-routing options enabled; hardening
    ! baselines normally set "no ip source-route".
    ip source-route
    !
    !
    !
    ip cef
    ip domain name MyAD.Domain
    ip name-server 8.8.8.8
    !
    !
    !
    !
    ! Privilege-15 local user. The type 5 secret value is absent from the
    ! posted listing, so the line is incomplete as shown.
    username localadmin privilege 15 secret 5  
    !
    !
    !
    ! 
    !
    !
    !
    !
    !
    ! ADSL (ATM) uplink and the four FastEthernet ports.
    ! ATM0.1 carries PVC 8/35 as a PPPoE client bound to dialer pool 1.
    interface ATM0
     no ip address
     no atm ilmi-keepalive
    !
    interface ATM0.1 point-to-point
     pvc 8/35 
      pppoe-client dial-pool-number 1
     !
    !
    ! FastEthernet0 is an access port in VLAN 10.
    interface FastEthernet0
     switchport access vlan 10
     no ip address
    !
    ! FastEthernet1 has no IP address, yet "ip radius source-interface
    ! FastEthernet1" further down names it as the RADIUS source interface.
    interface FastEthernet1
     no ip address
    !
    interface FastEthernet2
     no ip address
    !
    interface FastEthernet3
     no ip address
    !
    ! Radio interface: AES-CCM ciphers for VLANs 2 and 3, both SSIDs attached,
    ! multiple-BSSID enabled, operating as a root access point.
    interface Dot11Radio0
     no ip address
     ip flow ingress
     ip flow egress
     !
     encryption vlan 2 mode ciphers aes-ccm 
     !
     encryption vlan 3 mode ciphers aes-ccm 
     !
     ssid Guest WiFi
     !
     ssid MyAD.Domain
     !
     mbssid
     speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
     no preamble-short
     station-role root access-point
    !
    ! Routed subinterfaces for the two wireless VLANs. Neither has an
    ! "ip access-group", so nothing in this listing filters traffic between
    ! the guest subnet (10.0.3.0/24) and the other connected subnets.
    interface Dot11Radio0.2
     encapsulation dot1Q 2
     ip address 10.0.1.1 255.255.255.0
     ip flow ingress
     ip flow egress
    !
    interface Dot11Radio0.3
     encapsulation dot1Q 3
     ip address 10.0.3.1 255.255.255.0
     ip flow ingress
     ip flow egress
    !
    ! Switched virtual interfaces.
    ! Vlan1 (10.0.0.10/24) is the only interface in this listing that sits in
    ! the same subnet as the RADIUS server 10.0.0.3.
    interface Vlan1
     ip address 10.0.0.10 255.255.255.0
     ip flow ingress
     ip flow egress
     ip nat inside
     ip virtual-reassembly in
     ip tcp adjust-mss 1412
    !
    ! Vlan2 and Vlan3 carry no IP address; the addresses for wireless VLANs 2
    ! and 3 are on Dot11Radio0.2 and Dot11Radio0.3 instead.
    interface Vlan2
     no ip address
     ip flow ingress
     ip flow egress
    !
    interface Vlan3
     no ip address
     ip flow ingress
     ip flow egress
    !
    interface Vlan10
     ip address 10.0.2.1 255.255.255.0
     ip flow ingress
     ip flow egress
     ip nat inside
     ip virtual-reassembly in
     ip tcp adjust-mss 1412
    !
    ! PPPoE dialer towards the ISP; NAT outside interface.
    interface Dialer0
     ip address negotiated
     ip mtu 1452
     ip flow ingress
     ip nat outside
     ip virtual-reassembly in
     encapsulation ppp
     dialer pool 1
     dialer-group 1
     ppp authentication chap callin
     ppp chap hostname eircom
    ! The type 7 string below was posted unredacted. Type 7 is a reversible
    ! encoding, so this CHAP password should be regarded as disclosed: change
    ! it, and replace such values with a placeholder before sharing a config.
     ppp chap password 7 0111140B5A0F040E2F481F
    !
    ! Management services, NetFlow export, NAT, routing and access lists.
    ip forward-protocol nd
    ! Cleartext HTTP management is enabled alongside HTTPS, and no
    ! "ip http access-class" is shown to limit which hosts may reach it.
    ip http server
    ip http authentication local
    ip http secure-server
    ip flow-export version 9
    ip flow-export destination 10.0.0.1 2055
    !
    ip nat inside source list 1 interface Dialer0 overload
    ip route 0.0.0.0 0.0.0.0 Dialer0
    !
    ! FastEthernet1 is configured with "no ip address" in this listing.
    ! NOTE(review): RADIUS requests are therefore unlikely to leave with the
    ! source address this line was meant to pin. NPS only answers addresses
    ! registered as RADIUS clients, so check which source address actually
    ! reaches 10.0.0.3 (Vlan1, 10.0.0.10, is the interface in that subnet) and
    ! that the NPS client entry and shared secret match it.
    ip radius source-interface FastEthernet1 
    logging 10.0.0.1
    ! ACL 1 selects the NAT inside sources: 10.0.0.0/24 and 10.0.2.0/24 only.
    ! The wireless subnets 10.0.1.0/24 and 10.0.3.0/24 are not in it.
    access-list 1 remark SDM_ACL Category=2
    access-list 1 permit 10.0.0.0 0.0.0.255
    access-list 1 permit 10.0.2.0 0.0.0.255
    dialer-list 1 protocol ip permit
    !
    !
    !
    !
    ! Global RADIUS settings.
    ! NOTE(review): "radius-server local" appears with no nas or user entries
    ! beneath it in this listing; confirm whether a local RADIUS server is
    ! intended at all, given that NPS on 10.0.0.3 is the target.
    radius-server local
    !
    ! No auth-port/acct-port is given, so the IOS defaults apply (1645/1646 on
    ! classic IOS); confirm NPS is listening on the same ports.
    radius-server host 10.0.0.3
    ! The shared secret was replaced with "snip" by the poster. Redacting it is
    ! the right call, because a type 7 string is reversible.
    radius-server key 7  snip
    !
    !
    ! Control plane, terminal lines and time source.
    control-plane
    !
    !
    line con 0
     no modem enable
    line aux 0
    ! vty: SSH only, authenticated against the local_authen list (local users).
    ! "privilege level 15" starts every authenticated session at full
    ! privilege, and no "access-class" is shown restricting source addresses.
    line vty 0 4
     privilege level 15
     login authentication local_authen
     transport input ssh
    !
    sntp logging
    sntp server 10.0.0.2
    end
    
     
