OK Experts try this one:
Had SBS2003 Domain Controller, and a box with Server Standard 2008 also which was used to connect to via PPTP VPN from remote offices. Could also RDP into the Server 2008
Repalced SBS2003 with new SBS 2011 Standard
Since the changeover all systems work fine however I cannot access the Server 2008 box via VPN or RDP. VPN is the critical one to us but I suspect it might be related.
VPN appears to connect as I get an error logged in the 2008 Server along the lines of either:
"The user USERNAME has connected and failed to authenticate on port VPN3-127. The line has been disconnected"
"The user USERNAME connected from 18.104.22.168 but failed an authentication attempt due to the following reason: The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile."
The username and password are correct as I can log them on locally, connect to exchange and so on, the user is allowed VPN access in SBS Console, The user is allow access to "Dial in" in the Active Directory Users and is also a member of remote desktop users, Administrators, Domain Admins and our VPN_Users Security Group.
I've tried every conceivable combination of security on the client side. Tried Windows XP, Windows 7 and Windows 8 Clients all with the same result.
I've configured policy for firewall, for allow remote access, and re-setup the RRAS Role.
Ports 1723 and GRE are forwarded in the router fine (It was working with the previous SBS2003 DC and the error messages recorded would indicate a connection)
The terminal server/Radius server are a different server to domain controller so I added the radius server computer account to the RAS and IAS Servers security group for this domain by using "netsh ras add registeredserver domain=OUR_DOMAIN server=SERVER2008NAME on the domain controller.....
I'm out of ideas here....and feeling the frustration!
Does anyone out there have anything that could help please! At this point I'll try anything!
Thank you Experts....