life_j

asked on

RRAS Problem

When I am using a VPN (L2TP/IPSEC) to connect to our RRAS server, I am getting an error message "Error 789: The L2TP connection attempt failed because the security layer", and when I try again I get an error message "Error 792: The L2TP connection attempt failed because security negotiation timed out". Any ideas why I am getting this error message?
Could anyone tell me what ports need to be opened for L2TP/IPSEC and what protocols L2TP/IPSEC runs on?
partex

L2TP/IPSec traffic uses UDP ports 500 and 4500 to create and maintain the connection and IP protocol 50 to send data. Allow these ports to and from the firewall.

Here are a couple of reasons for the error messages you are receiving.

Error 789
http://support.microsoft.com/?kbid=326751

Error 792
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q299307

If these don't work, try the following to do some basic troubleshooting and information gathering and report back.
http://support.microsoft.com/?kbid=257225
"Error 789" error message when you use an L2TP VPN client through a Windows 2000 Terminal Services client session
http://support.microsoft.com/?kbid=326751

How to configure a L2TP/IPSec connection using pre-shared key authentication
http://support.microsoft.com/?id=kb;en-us;240262

Mutual authentication methods supported for L2TP/IPSec
http://support.microsoft.com/?id=kb;en-us;248711

Test the connection first using L2TP and a pre-shared key. Once it is working properly with a pre-shared key, all of the other pieces of the puzzle fall together seamlessly.

You can use IPSEC over L2TP -

http://support.microsoft.com/default.aspx?scid=kb;en-us;265112

Otherwise, troubleshooting steps are here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;314831

The timeouts suggest that port 500 is being blocked along the way.

http://www.giac.org/practical/Asa_Elkins_GCNT.doc

Check your Ethernet Card :-
http://dev.xs4all.nl/adslonline/nederlands/raserrors.htm
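
To check from a packet capture whether the Error 792 timeout really means nothing comes back on UDP 500, the following added example (not part of the original answer and not a Microsoft tool) labels UDP payloads seen on ports 500 and 4500 and reports whether the server ever replied. The function names and the capture format (direction, server port, payload) are assumptions, and the sample packets are constructed.

```python
import struct

# ISAKMP header (RFC 2408): cookies, next payload, version, exchange, flags, msg id, length
HDR = struct.Struct("!8s8sBBBBII")
EXCHANGE = {2: "main-mode", 4: "aggressive-mode", 5: "informational", 32: "quick-mode"}

def classify(server_port, payload):
    """Label one UDP payload captured on server port 500 or 4500."""
    if server_port == 4500:
        if payload == b"\xff":
            return "nat-keepalive"
        if payload[:4] != b"\x00" * 4:        # non-zero SPI: ESP in UDP (RFC 3948)
            return "esp-in-udp"
        payload = payload[4:]                 # strip the non-ESP marker
    if len(payload) < HDR.size:
        return "not-ike"
    _, _, _, version, exch, _, _, length = HDR.unpack_from(payload)
    if version >> 4 != 1 or length != len(payload):   # L2TP/IPsec negotiates with IKEv1
        return "not-ike"
    return "ike-" + EXCHANGE.get(exch, "exchange-%d" % exch)

def diagnose(capture):
    """capture: list of (direction, server_port, payload); direction is 'out' or 'in'."""
    sent = [p for d, port, p in capture if d == "out" and classify(port, p).startswith("ike-")]
    got = [p for d, port, p in capture if d == "in" and classify(port, p).startswith("ike-")]
    if not sent:
        return "no-ike-sent"
    if not got:
        return "no-reply"        # the timeout case: requests leave, nothing returns
    return "server-replied"      # filtering on UDP 500 is not the cause

def ike(icookie, rcookie, exch, body=b""):
    """Build a constructed IKEv1 message for the sample captures below."""
    return HDR.pack(icookie, rcookie, 1, 0x10, exch, 0, 0, HDR.size + len(body)) + body

# Constructed sample captures (not taken from the thread).
C = b"\x11" * 8
BLOCKED = [("out", 500, ike(C, bytes(8), 2, b"\x00" * 20))] * 3   # three retransmissions
ANSWERED = BLOCKED[:1] + [("in", 500, ike(C, b"\x22" * 8, 2, b"\x00" * 20))]

if __name__ == "__main__":
    print(diagnose(BLOCKED), diagnose(ANSWERED))
```
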
life_j

ASKER

No, I am getting an error: 781 No valid certificate available.
Even after installing the certificates on both the server and the client.
ASKER CERTIFIED SOLUTION
partex

life_j

ASKER

When I try connecting with a pre-shared key, I am getting an error message 792, and when I am trying to connect with the certificates I am getting an error message saying 781.

Let me explain completely what I tried.
We have an SBS on which we installed RRAS to accept incoming connections for PPTP. I installed certificate services on the SBS. I manually installed the certificate on the server, and then from my home PC I connected to my SBS server through PPTP and downloaded the certificate by typing http:\\SBS\certsrv in the browser.
I changed the PPTP connection to use L2TP/IPsec but wasn't successful.
Then in the connection properties I changed as follows -> Security -> I changed to Advanced (custom settings) -> Use EAP. But this attempt has failed too.
Any thoughts?

Partex, I did what you said in the above comment, with no luck.