I have decommissioned a SBS2003 and migrated to SBS2008, when our users try and vpn we are getting an error. I have checked that the Administrator has dialin access.
It opens the port but then displays this error
Error 649: The account does not have permission to dial in.
This is in the system event log
The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error