Re: VPN error 930
From: Priya Raghavan [MSFT] (priyadr_at_online.microsoft.com)
Date: 03/01/04
- Next message: Sharoon Shetty K [MSFT]: "Re: RAS Service"
- Previous message: Bill Grant: "Re: Adding Internal Interface to RRAS"
- Next in thread: Sharoon Shetty K [MSFT]: "Re: VPN error 930"
- Maybe reply: Sharoon Shetty K [MSFT]: "Re: VPN error 930"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 1 Mar 2004 11:10:36 +0530
Hi Frizzb,
There should not be any issues with respect to certificates because you are trying MSCHAP authentication.
There are 2 main causes for this error:
1. When your RADIUS server is not reachable from your VPN server.
2. This issue may occur if the computer account has permissions to read the Active Directory directory service record, but it does not have permissions to write to the Active Directory record.
In your case, the first option is not possible as you are using Windows Auth.
To resolve the second case, follow these steps:
Verify the user permissions in the Active Directory Users and Computers snap-in on a Windows 2000 domain controller. To do this, follow these steps:
1.. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
2.. Expand your domain.
3.. Right-click Domain Controllers, and then click Properties.
4.. Click the Group Policy tab, click Default Domain Controllers Policy, and then click Edit.
5.. Expand Computer Configuration, expand Windows Settings, expand Security Settings, expand Local Policies, and then click User Rights Assignment.
6.. Double-click Access this computer from the network.
7.. By default, the Administrators, the Authenticated Users, and the Everyone groups are assigned this user right. If these groups are not assigned this user right, add them. To do so, click Add, locate the user or group you want to add, and then click OK two times.
Thanks,
Priya.
This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit.
"Frizzb" <anonymous@discussions.microsoft.com> wrote in message news:2d2d01c3fcde$1ee1f550$a501280a@phx.gbl...
> Hi,
>
> I'm setting up a VPN on a Windows 2000 SP4 server. It is
> configured with an internal network NIC & an internet
> enabled nic. It is set up to allocate ip addresses using
> the internal DHCP server ( so the dhcp relay agent is
> configured on the VPN box). When my Windows 2000 cliens
> attempt to access the VPN they recieve an an error 930.
>
> The VPN box reports an event id:20073 (authentication
> server did not respond to auth req in a timely fashion).
>
> Following the steps in kb articles kb 826899 and
> kb 299684 regarding group policy permissions and
> certificates did not help. The DC is setup as the CA root
> and the VPN box is enabled there as a client, the VPN box
> can be "pinged" by remote clients and it is set for
> windows authentication (MS CHAPv2 & MS CHAP)
>
> Any help is appreciated!!
- Next message: Sharoon Shetty K [MSFT]: "Re: RAS Service"
- Previous message: Bill Grant: "Re: Adding Internal Interface to RRAS"
- Next in thread: Sharoon Shetty K [MSFT]: "Re: VPN error 930"
- Maybe reply: Sharoon Shetty K [MSFT]: "Re: VPN error 930"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
