Solved

SBS Server 2008 - VPN Error

Posted on 2010-08-25
13
1,990 Views
Last Modified: 2012-05-10
Error is :

The Routing and Remote Access service terminated with service-specific error 812 (0x32C).

and

The currently configured accounting provider failed to load and initialize successfully.
The connection was prevented because of a policy configured on your RAS/VPN server.
Specifically, the authentication method used by the server to verify your username and
password may not match the authentication method configured in your connection profile.
Please contact the Administrator of the RAS server and notify them of this error.


Any idea how to fix?

Thanks,
      Steve
0
Comment
Question by:Steve_Boston
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
13 Comments
 
LVL 2

Expert Comment

by:zsaurabh
ID: 33520455
Check this MS KB article

http://support.microsoft.com/kb/840686
0
 

Author Comment

by:Steve_Boston
ID: 33520473
Would that still apply ? i am running SBS 2008 the article is for 2000 and 2003. I tryed the steps in the KB but the files are not in the same space on the 2008 DVD
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33521629
With SBS always best to use the wizards, at least first.
I would run the "Fix my Network Wizard" followed by the "configure a virtual private network". Both are located under Windows SBS console | Network | Connectivity | VPN | then select from the right hand menu

Should this not resolve, run the best practices analyzer which will often point out configuration issues:
http://www.microsoft.com/downloads/details.aspx?familyid=86a1aa32-9814-484e-bd43-3e42aec7f731&displaylang=en
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:Steve_Boston
ID: 33521882
Rob,
   when i do the Fic my Network Wizard, its showes No problems. when i do the VPN one it tells me there is an error and to look at the log and what i find is whati posted .. Hope that helps.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33522468
Sorry I should have realized that.

812 errors are most common with Vista clients, I am not sure why, but the most common causes are:
1) in active directory Users and Computers under the user's profile, on the dial-in tab, access is set to deny. Should be allow or allow NPS to control
2) The connecting client is set to use too 'low' a security protocol. To check, on the client PC, go to  network connections | properties of VPN/PPP connection | security | make sure MS-Chap v2 is selected. While on that page make sure VPN type is automatic or PPTP.
3) The router is also configured to be a PPTP server (i.e. you have a VPN router and it is setup to accept PPTP connections). Must be disabled on router to allow pass through of PPTP packets to server.
4) Where you used the wizard it is unlikely any of these are wrong, but you may want to check the Network Policy Server settings (under administrative tools) to compare the following options. These are user and location restriction policies. If they have been modified thy can affect access by specific users, groups, or IP's.

General Connection Authorization Policy:
  Overview:
    policy enabled
    grant access
   Ignore account dial in properties
   Terminal server gateway
 Conditions:
    NAS port type Virtual(VPN)
    User Groups Your\Domain\DomainUsers
    Called Station ID UserAuthType(SCPW)
 Settings make sure under NAP enforcement Allow full network access is checked

Virtual Private Network (VPN) Access policy [Primary VPN policy]:
General Connection Authorization Policy:
  Overview:
    policy enabled
    grant access
   Ignore account dial in properties
   Remote Access Server (VPN DialUp)
 Conditions:
    NAS port type Virtual(VPN)
    User Groups Your\Domain\Windows SBS Virtual Private Network Users
    Called Station ID UserAuthType(SCPW)
 Settings make sure under NAP enforcement Allow full network access is checked as well as Enable auto-remediation of client computers
0
 

Author Comment

by:Steve_Boston
ID: 33522657
.. also i am seeing now that the Routing and Remote access, i can not start the service. i am getting the same error. it is at a stoped state and can not be started.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33522721
Interesting. I would open the services management console, look at the properties for the RRAS service and verify each of the "dependencies" has started. Also when you try to start and it fails, see if there is a related error in the event log, probably under system.
0
 

Author Comment

by:Steve_Boston
ID: 33522770
YES:
   The Routing and Remote Access service terminated with service-specific error 812 (0x32C).
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 33522945
I guess I was missing the fact that the SERVICE terminated and not the connection terminated due to 812 error.
An 812 error is usually  a client connection error with mis-matched policies as the error message states.

I assume then if RRAS will not start, you also cannot access the RRAS console and look at the RRAS policies?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33522979
Were all dependent services for RRAS started?
0
 

Author Comment

by:Steve_Boston
ID: 33523196
yes
0
 

Author Comment

by:Steve_Boston
ID: 33523225
ok ..... i dont know how ... the SQL Server logging was enabled and was pointed to the CRM SQL DB i deleted it and it is now working fine ...
 


does that make sence?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33523513
Sorry stepped out for a bit.
No It doesn't make any sense to me at all. I would have thought it was totally unrelated. However, lots I don't know.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question