Solved

VPN error 812 when using Smartcard certificate with TMG

Posted on 2012-03-09
1
1,464 Views
Last Modified: 2012-03-26
Hello

Yesterday unexeptedly our VPN connection rejecting logins. The error code:

"
812: The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error."

We are using Smartcard certificate with L2TP/IPSEC preshared key.


Both MS CHAP2 and EAP Smartcard certificate enabled in NPS.

When users use Username and password the connection was working. But when we use user certificate (which is a deployed configuration):

VPN disconnected with error 812.

In the event log:

EventID 20271
"CoId={ADD905DC-FBCA-4641-BDB4-0181A8ADCD96}: The user Andorn@xxx.hu connected from 195.xxx.xxx.xxx but failed an authentication attempt due to the following reason: The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.
"

and EventID 20255:
"
CoId={ADD905DC-FBCA-4641-BDB4-0181A8ADCD96}: The following error occurred in the Point to Point Protocol module on port: VPN2-49, UserName: Andorn@xxx.hu. The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.
"


We have also Entry in Security log:

EventID 6274
"
Network Policy Server discarded the request for a user.
...
...
...
Reason:                        The Active Directory global catalog cannot be accessed
"

We traced RAS and attached ppp.log file from windows\tracing

Please help us
Thanks
PPP.LOG
0
Comment
Question by:BajuszP
1 Comment
 
LVL 10

Accepted Solution

by:
simonlimon earned 500 total points
ID: 37705724
Can you check the functioning of the domain controller that is the Global Catalog?
Also check if time is set correctly on the TMG. Also check the System Event Viewer on the TMG for any errors.


Reason:                        The Active Directory global catalog cannot be accessed
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
how to make Exchange Server using specific ISP using TMG 5 52
VL And TMG 2010 1 314
ForFront TMG Server Error 8 100
Best firewall recommendation 12 172
Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now