CypherBitMemberAug 03, 2009 at 2:15 am #143537
I just set up (am trying to) my first RAS to support PPTP VPN on a Windows 2008 member server. I leaned (eventhough mine is PPTP and IIS, certs are not needed) on http://www.windowsecurity.com/articles/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part2.html
I’m unable to connect with all the clients I test with (XP, Vista, Win 7), I’ve tried different settings as far as authentication, I’ve selected PPTP VPN (not Automatic), disabled IPv6. All machines were rebooted several times.
The ports seem to be open correctly (1723 and GRE – http://blogs.technet.com/rrasblog/archive/2006/06/14/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspx), portqry confirms it for TCP.
The server is added to the group RAS and IAS Servers group.
The account which I’m trying to connect to has been granted Allow access under Network Access Permission in the Dial-Up tab.
All the appropriate services seem to be started just fine.
I haven’t yet installed a NPS, this will be done at a later time (I need to get this working without one first).
When I try to connect, I get these Event IDs (Application log) on the client 20221, 20222, 20223, 20224 (all just informational) and then it errors out with 20227 the reason give in is failure is 718 (the server didn’t respond in a timely manner).
On the server I also see some errors in the Application log: Error 4402 The description for Event ID 4402 from source NPS cannot be found. Either the component that raises this event is not installed on your local computer o the installation is corrupted.
Again I don’t have a NPS installed. I only installed Routing and Remote Access Services and Remote Access Service (looking at the Role Services in Server Manager).
And in the System log: Error 20255 The following error occurred in the Point to Point Protocol module on port: VPN2-127, UserName: domainuser. The connection was prevented because a policy configured on a RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile.
Which is odd. On the server I have enabled EAP, MS-CHAP v2 and CHAP. On the client I have even tried Optional Encryption and CHAP, MS-CHAP v2 are checked.
Any assistance would be great.
You must be logged in to reply to this topic.