Re: Server 2003 IAS and VPN problem (not ISA server)
- From: "Jim Harrison \(MSFT\)" <jmharr@xxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 26 May 2006 11:55:57 -0700
Make sure you use the form "domain\username" or "username@xxxxxxxxxx"
--
--
Jim Harrison [ISA SE]
Read the help, books and articles!
This posting is provided "AS IS" with no warranties, and confers no rights.
"denilia" <denilia@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:FC7AA7B1-8B46-45B6-BEE2-06C16219EFFC@xxxxxxxxxxxxxxxx
That was my guess too. but there si no policy for password exparation, and I
reset the password a few times. Plus this is my admin user account and
password.
"Jim Harrison (MSFT)" wrote:
in that case, the account or password specified is incorrect or expired.
--
--
Jim Harrison [ISA SE]
Read the help, books and articles!
This posting is provided "AS IS" with no warranties, and confers no rights.
"denilia" <denilia@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:195F26AF-14B7-4B24-9B51-A49DA19AD5E2@xxxxxxxxxxxxxxxx
Yes, this user is in VPN windows group, which specified in IAS configuration.
In acount property of this account the radiobutton "Control Access through
remote access Policy" is selected.
"Jim Harrison (MSFT)" wrote:
The error message:
"Reason = Authentication was not successful because an unknown user name or incorrect password was used."
...is clear; the logon attempt is failing due to either a bad user account or password
Are you sure this user has the right to log in via VPN?
This is part of the RRAS or account policies (depending on how you configured it).
--
--
Jim Harrison [ISA SE]
Read the help, books and articles!
This posting is provided "AS IS" with no warranties, and confers no rights.
"denilia" <denilia@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:4E2B9533-41AD-47C6-9DB3-12DAF7F2E162@xxxxxxxxxxxxxxxx
hi all
I Have server 2003 with IAS service installed and configured to use RADIUS
standart to authinicate to VPN. IAS is registerd with AD.
When I'm connecting to VPN it prompts for y domain user name and password.
However authinication fails. in Logs I can see this error:
User Username was denied access.
Fully-Qualified-User-Name = DOMAIN\Username
NAS-IP-Address = 192.168.1.xxx
NAS-Identifier = <not present>
Called-Station-Identifier = <not present>
Calling-Station-Identifier = xxx.xxx.xxx
Client-Friendly-Name = PIX
Client-IP-Address = 192.168.1.xxx
NAS-Port-Type = <not present>
NAS-Port = 182
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 16
Reason = Authentication was not successful because an unknown user name or
incorrect password was used.
After a sever tries, my account get locked out. so, it means that I can pass
PIX and start authinication.
I verified shared secrets and password. I used this article to double check
my work:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800b6099.shtml#config-2003
Please help me....
Thank you
.
- Follow-Ups:
- Re: Server 2003 IAS and VPN problem (not ISA server)
- From: denilia
- Re: Server 2003 IAS and VPN problem (not ISA server)
- References:
- Re: Server 2003 IAS and VPN problem (not ISA server)
- From: Jim Harrison \(MSFT\)
- Re: Server 2003 IAS and VPN problem (not ISA server)
- From: Jim Harrison \(MSFT\)
- Re: Server 2003 IAS and VPN problem (not ISA server)
- From: denilia
- Re: Server 2003 IAS and VPN problem (not ISA server)
- Prev by Date: Re: Server 2003 IAS and VPN problem (not ISA server)
- Next by Date: Re: Server 2003 IAS and VPN problem (not ISA server)
- Previous by thread: Re: Server 2003 IAS and VPN problem (not ISA server)
- Next by thread: Re: Server 2003 IAS and VPN problem (not ISA server)
- Index(es):
