Solved

VPN 619 Error -Selective Users - WIN2k8 R2

Posted on 2013-10-31
4
487 Views
Last Modified: 2013-11-06
Hello All,

Bizzarre issue.. A few users including myself this morning is unable to connect to the VPN, although a handful of other users can.

Myself and the other ones having issues were all able to connect last night to the VPN with no issues, but this morning we are recieving the following error :

Windows could not connect using the user name and password provided.  Error 619

Troubleshooting steps :

1. Verified my credentials are valid
2. verified I can VPN with the Administrator account as well as a handful of other accounts
3. Verified no changes have been made on policy or the affected USERS in AD
4. I recreated the PPC PPTP VPN connection
5. I have rebooted the VPN server
6. I verified DIAL IN settings in AD are configured properly
7. Verified users is a member of the Remote Access group per policy

I am stumped as to what is going on ? Help.. suggestions?
0
Comment
Question by:Coupee46
  • 4
4 Comments
 
LVL 1

Author Comment

by:Coupee46
ID: 39614444
Here are a couple of the warnings and errors on the event log ont he VPN server :

Error 1 :

The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile.

Warning :

CoId={97F45876-21AC-46C0-9A32-9AED2F660DF8}: The user abc\xxx connected from 68.x.x.x. but failed an authentication attempt due to the following reason: The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39614545
I am looking at the logs some more and came across the users that is being denied access comes up with the following error :

Event ID 6273 :

Reason Code : 8
Reason : The specified user account does not exist.
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39614584
Ok, so I think the issue may be with a server that one of the IT had resurrected from the dead yestesrday..

It doesnt make sense "specified user account does not exist" when AD shows my username on there, but I am betting this server that was ressurected probably had its on AD and somehow this VPN server is trying to authenticate against that AD...

standby.. as I unplug that server and retest the VPN.
0
 
LVL 1

Accepted Solution

by:
Coupee46 earned 0 total points
ID: 39614645
Update : Yup.. looks like the old server they had resurrected was the culprit.  It is acting as an AD as well on the same domain??? Anyhow.. issue resolved..

Question : Why did my VPN server look to authenticate the users from the "old" server rather than the current AD that its been authenticating from this whole time?
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Suggested Solutions

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now