troubleshooting Question

VPN wont accept domain username and password

Avatar of Creodus
CreodusFlag for United Kingdom of Great Britain and Northern Ireland asked on
VPNWindows Server 2003
10 Comments3 Solutions4095 ViewsLast Modified:
Hi All
This Win 2003 server was configured successfully with RRAS to allow domain users to VPN connect without issue.  Unfortunately for reasons I wont go into here, RRAS had to be removed from the server, but was recently reinstalled and since then we have not been able to successfully VPN back into the server.

Setup:
Server is mulitihomed (2 NICs) and uses RRAS to NAT and basic firewall.  Ports are forwarded from the Basic Firewall internally to the LAN side NIC.  Telnet to <static ip address> 1723 connects successfully. There is no IAS and no RADIUS. Server DHCP provides IP addresses to VPN ports.

Internet access is via a Draytek 2820 ADSL router, which was NOT reconfigured when RRAS was removed and retained all the previous successful connection settings, ports etc. I am certain of this as we took a config backup before RRAS was removed and re-instated it to be sure.

User accounts are granted permission to connect via Remote Access Policy.  Remote Access Policy is configured to allow "Domain Users" granted access.  Security setup on the Remote Access Policy and the RRAS properties are set to match with only MS-CHAP v2 and MS-CHAP.

Client connection setup is using the defaults - Require Secured Password but with Network set to PPTP VPN only (for ease of testing only at this stage, would normally be auto).

Error:
When the client attempts to connect, the progress states "Connecting to <static ip>...," then "Verifying username and password...," then a box is displayed stating " Windows was unable to connect to the network using the username and password you provided. Please re-enter the username and password" with entry fields for the username and password etc.  If you attempt to use the correct credentials twice more, the connection is dropped and the error essage "Disconnected: Error 734 the PPP link protocol was terminated." is displayed then a redial is attempted.  

The RRAS logs do not show a non-successful login, even though the server appears to be checking credentials.

We have unistalled and re-installed RRAS, reconfirgured again but no change  - same problem.

Any ideas please?
C
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 3 Answers and 10 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 3 Answers and 10 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros