Wireless users are not able to authenticate through a RADIUS server

SCENARIO / SYMPTOM

•    Internal wireless(W0) is being used
•    Authentication WPA2-EAP
•    The authentication goes through fine from SNWL
User ->Settings-> Test Radius users

•    SNWL LAN IP was added as radius client on the server and a Network Policy was added for the same  

Conditions were configured as follows:
•    Users groups were added (Wireless group  on the AD )
•    Configured SNWL LAN IP as NAS IPv4 & Client IPv4
•    Was using both PEAP &  EAP methods
•    MSCHAP V2, MSCHAP authentication types are already configured
•    But still the wireless users are unable to get authenticated from Radius

•    Tried by bridging the interface X0 and W0 but to no avail
•    Tried to upgrade the firmware of the SNWL to 5.8.1.15(General Release) and tested. Still no resolution
•    The packet capture on SNWL shows Access request sent from the SNWL, but server was sending Access reject back
•    It gives the error ‘user credentials are incorrect’, although the same user, was able to authenticate from the SNWL radius test page
•    Created a new test user on the Customer’s LDAP server, still to no avail. Same error was thrown

RESOLUTION/WORKAROUND

   Turned off ‘Guest services’ under Zones and then the Wireless users were able to get authenticated   

Note:
Related KB article:
Configuring RADIUS authentication for Global VPN Clients with Network Policy and Access Server from Microsoft Windows 2008 (With video tutorial of Radius Authentication)
URL: https://www.fuzeqna.com/SonicWallkb/ext/kbdetail.aspx?kbid=6591