Solved

VPN 619 Error -Selective Users - WIN2k8 R2

Posted on 2013-10-31
4
507 Views
Last Modified: 2013-11-06
Hello All,

Bizzarre issue.. A few users including myself this morning is unable to connect to the VPN, although a handful of other users can.

Myself and the other ones having issues were all able to connect last night to the VPN with no issues, but this morning we are recieving the following error :

Windows could not connect using the user name and password provided.  Error 619

Troubleshooting steps :

1. Verified my credentials are valid
2. verified I can VPN with the Administrator account as well as a handful of other accounts
3. Verified no changes have been made on policy or the affected USERS in AD
4. I recreated the PPC PPTP VPN connection
5. I have rebooted the VPN server
6. I verified DIAL IN settings in AD are configured properly
7. Verified users is a member of the Remote Access group per policy

I am stumped as to what is going on ? Help.. suggestions?
0
Comment
Question by:Coupee46
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
4 Comments
 
LVL 1

Author Comment

by:Coupee46
ID: 39614444
Here are a couple of the warnings and errors on the event log ont he VPN server :

Error 1 :

The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile.

Warning :

CoId={97F45876-21AC-46C0-9A32-9AED2F660DF8}: The user abc\xxx connected from 68.x.x.x. but failed an authentication attempt due to the following reason: The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39614545
I am looking at the logs some more and came across the users that is being denied access comes up with the following error :

Event ID 6273 :

Reason Code : 8
Reason : The specified user account does not exist.
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39614584
Ok, so I think the issue may be with a server that one of the IT had resurrected from the dead yestesrday..

It doesnt make sense "specified user account does not exist" when AD shows my username on there, but I am betting this server that was ressurected probably had its on AD and somehow this VPN server is trying to authenticate against that AD...

standby.. as I unplug that server and retest the VPN.
0
 
LVL 1

Accepted Solution

by:
Coupee46 earned 0 total points
ID: 39614645
Update : Yup.. looks like the old server they had resurrected was the culprit.  It is acting as an AD as well on the same domain??? Anyhow.. issue resolved..

Question : Why did my VPN server look to authenticate the users from the "old" server rather than the current AD that its been authenticating from this whole time?
0

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question