VPN/Remote User cannot access a Server


We have a remote user who needs access to a server. They've never had a problem in the past. They can VPN into our network using their domain credentials but they cannot remote into the specific server that they need. The connection times outs. Users on the internal network can access the server.

It looks like one of our DHCP servers is rejecting them? I'm not sure how it could be a PW issue. The same credentials that allow the users to access the network via VPN should allow them access to the server.

User XXX was denied access.

Proxy-Policy-Name = Connection request policy
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 16
Reason = Authentication was not successful because an unknown user name or incorrect password was used.
Who is Participating?
Michael MachieConnect With a Mentor Full-time technical multi-taskerCommented:
I would check the Remote Users group and make sure that User is added. If you are a domain admin you will be able to RDP regardless of the group settings.
maybe try domain\username instead of just username when prompted for the credentials.
grindsmygeaqrsAuthor Commented:
They can't reach the machine itself to even enter them.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Michael MachieFull-time technical multi-taskerCommented:
The message does specify a credential issue so trying IKtech's suggestion should be the first option.

You also may want to try using the IP address of the server rather than Name. I say this because if you have a VPN group that is configured for split-tunnel, DNS resolution may be a problem, resulting in the inability to find your servers by name. The split-tunnel is used to allow the VPN connected User to access their local resources for internet and peripherals while still allowing access to the Enterprise servers/shares via IP.
Also, re-verify that the User is part of the Remote Users Group. If this access is taken away then they won't be able to RDP either.
what type of vpn server are you using?  Is it windows?  Can you connect the same way with a different PC and your user credentials?  Can you connect using a different PC and the users credentials?

If you can connect using a different pc and the user credentials it would seem the problem is associated with the users PC whether it is a reinstall of the vpn client or a setting or other at least you can narrow it down to the users PC.

If you can't connect using a different PC and the users credentials it would seem something is wrong with the users account.

Can the user connect to other resources after connecting to the VPN server?

You might also check the firewall on the server.
grindsmygeaqrsAuthor Commented:
We use Cisco ASA for VPN. They can remote into other machines on the network.. just not that one. Also, I can remote into the machine from internally on the network.
Michael MachieFull-time technical multi-taskerCommented:
Glad this is resolved for you and thanks!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.