All SBS 2003 clients lost VPN connection


    Pollenator
    Member
    #154213

    Hi

    I am running SBS 2003 SP2 with a number of mobile user clients running Vista and Windows 7. Some time back all clients lost the ability to connect to the server via VPN. From my Vista 64 bit PC the connection attempt is initiated but fails almost immediately with the Vista message asking me to

    “Re-enter my username and password”
    “Windows could not connect using the user name and password you provided”.

    If I examine the event logs, the following entries appear at the time of the attempt:

    1) Event ID 20221, which has the following settings:

    CoId={B8AB6AE8-9D8B-45F3-884A-16212B2E4194}: The user **** has started dialing a VPN connection using a all-user connection profile named **** Server.

    The connection settings are:
    Dial-in User = Administrator
    VpnStrategy = PPTP
    DataEncryption = Require
    PrerequisiteEntry =
    CompartmentsEnabled = No
    AutoLogon = No
    UseRasCredentials = Yes
    CustomAuthKey =
    AuthRestriction Mask = 0x00000200
    RasIpv4DefaultGateway = Yes
    Ipv4AddressAssignment = By Server
    Ipv4DNSServerAssignment = By Server
    RasIpv6DefaultGateway = Yes
    Ipv6DNSServerAssignment = By Server
    IpDnsFlags =
    IpNBTEnabled = Yes
    UseFlags = Private Connection
    IpSecFlags = No Pre-shared key
    ConnectOnWinlogon = No.

    2) Event ID 20222
    3) Event ID 20223
    4) Event ID 20224, which includes the message

    CoId={B8AB6AE8-9D8B-45F3-884A-16212B2E4194}: The link to the Remote Access Server has been established by user ****.

    and then finally

    5) Event ID 20226, which includes the following description:

    CoId={792D6B11-974D-4A41-9F13-12447360F7F0}: The user **** dialed a connection named ***** Server which has terminated. The reason code returned on termination is 829.

    The server has no entries in the event logs at all regarding the connection attempt.

    I have checked the following:

    1) I can ping the IP address of the server and its FQDN
    2) I have run the Configure Routing And Remote Access wizard again from the To-Do List.
    3) Checked the authentication methods on the Routing And Remote Access snap-in. Here I have set Windows Authentication and Windows Accounting, with authentication methods MS-CHAP v2 and MS-CHAP being selected.
    4) I have checked the router to ensure that port 1723 is open for the VPN.
    5) I have set the encryption level on the RAS Server to MPPE 128 Bit and set the properties of the client VPN to Maximum strength encryption (disconnect if server declines).

    When attempting to connect via a Windows 7 PC, error 809 is generated.

    Examining the System event log on the Windows 7 client shows the following warning:

    Event ID 1006 DNS Client Events

    The client was unable to validate the following as active DNS server(s) that can service this client. The server(s) may be temporarily unavailable, or may be incorrectly configured. 10.7.1.2

    It may be worth noting that the Windows 7 machine was connected via the LAN to the server at the time of the attempt.

    I have the RAS logs from both clients but they are too big to attach as an archive. If it helps to see them I can upload them in sections.

    Many thanks

    Simon
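
Added example, not part of the original post: the client events quoted above each carry a CoId, and the termination event (20226) is quoted with a different CoId from the dial-start event (20221). This Python code groups such event descriptions by CoId, pulls out the dial settings and the termination reason code, and lists CoIds that have a start without a termination or the reverse. The sample list is constructed from the lines quoted in the post, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: (event ID, description) pairs modelled on the entries
# quoted in the post; user and profile names are masked as in the post.
SAMPLE_EVENTS = [
    (20221, "CoId={B8AB6AE8-9D8B-45F3-884A-16212B2E4194}: The user **** has started "
            "dialing a VPN connection using a all-user connection profile named **** Server.\n"
            "The connection settings are:\n"
            "Dial-in User = Administrator\nVpnStrategy = PPTP\nDataEncryption = Require\n"
            "PrerequisiteEntry =\nAuthRestriction Mask = 0x00000200\nConnectOnWinlogon = No."),
    (20224, "CoId={B8AB6AE8-9D8B-45F3-884A-16212B2E4194}: The link to the Remote Access "
            "Server has been established by user ****."),
    (20226, "CoId={792D6B11-974D-4A41-9F13-12447360F7F0}: The user **** dialed a connection "
            "named ***** Server which has terminated. The reason code returned on "
            "termination is 829."),
]

COID_RE = re.compile(r"CoId=\{([0-9A-Fa-f-]{36})\}")
REASON_RE = re.compile(r"reason code returned on termination is (\d+)")
# One "Key = Value" pair per line; the value may be empty or end with a full stop.
SETTING_RE = re.compile(r"^[ \t]*([A-Za-z0-9 -]+?)[ \t]*=[ \t]*(.*?)\.?[ \t]*$", re.M)

def correlate(events):
    """Group events by CoId; collect IDs seen, dial settings and reason code."""
    attempts = defaultdict(lambda: {"ids": [], "settings": {}, "reason": None})
    for event_id, text in events:
        m = COID_RE.search(text)
        if not m:
            continue  # no CoId: not one of the connection events handled here
        attempt = attempts[m.group(1).upper()]
        attempt["ids"].append(event_id)
        if event_id == 20221:
            # Only parse the block after the settings marker, if it is present.
            _, found, body = text.partition("The connection settings are:")
            attempt["settings"] = dict(SETTING_RE.findall(body)) if found else {}
        reason = REASON_RE.search(text)
        if reason:
            attempt["reason"] = int(reason.group(1))
    return dict(attempts)

def unmatched(attempts):
    """CoIds that have a dial start (20221) but no termination (20226), or the reverse."""
    return sorted(coid for coid, a in attempts.items()
                  if (20221 in a["ids"]) != (20226 in a["ids"]))
```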
