Re: Routing and Remote Access - Authentication Failure

http://i43.tinypic.com/rvd2l1.png

Looks fine

http://i41.tinypic.com/2ez0n7k.png

Looks fine

http://i44.tinypic.com/s49rsy.png

Looks fine

http://i39.tinypic.com/2wew9yf.png

This might be a problem. I understand you said the VPNSERVER and the
CLIENT were on the same network segment, but if your using your
VPNSERVER as a secure way to access a remote network, then "Routing"
needs to be checked to access any other remote network beyond the
VPNSERVER.

http://i42.tinypic.com/2h32cqx.png

At the bottom you have "Allow custom IPSec Policy for L2TP connection"
and it looks like you have a pre-shared key typed in. If the client
doesn't also have this key configured, the connection will fail.

http://i43.tinypic.com/5b8arm.png

Looks fine

http://i39.tinypic.com/2ljt7js.png

Generally, if you have a DHCP server on the network, you wouldn't want
to configure a static address pool, as Ace had mentioned. Also, is the
scope of the static address pool in the same subnet as the network you
are trying to access from the VPNSERVER? If not, you wont be able to
access anything beyond the VPNSERVER.

http://i40.tinypic.com/a32mbc.png

Not really applicable unless you were using ISDN or multiple modems to
establish the vpn connection

I know for MS-CHAP v1 the password cannot exceed 14 characters, but as
Ace had mentioned, any non-windows machine is going to use CHAP
anyways. I would also agree with Ace's advise about using the password
requirements for your domain, if you are on one.

Speaking of Domain or Workgroup, the account you are using to
establish the connection must either be in AD or configured in the
local SAM of the VPNSERVER if it is a workgroup. If you are on a
domain and have an account in AD, I would suggest looking at the
Remote Access Policies in Routing and Remote Access. Is the username a
member of a group that hasn't been configured with a Remote Access
Policy? Does the AD account have dial-in permissions? Also the client,
server, and policy all have to be configured with at least one common
authentication protocol and encryption strength.

Hope this helps.
.

Relevant Pages

  • Re: Netlogon error 5783 after SP4
    ... How to Setup Windows, Network, VPN & Remote Access on ... Server 2003 Domain Controllers are clean and the dcdiag/netdiag tests I ran ... An IPconfig /all on the client shows all the correct ... > How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com ...
    (microsoft.public.win2000.networking)
  • Win2000 Professional SP3 Reset Host-Client File Security. How can I fix?
    ... Routing and Remote Access enabled and on ... client still, and check boxes in network for Client for MS ... >think that's the answer as the settings are unassigned). ...
    (microsoft.public.win2000.security)
  • remote ACCESS
    ... I can not seem to gain remote access to the client computers from the server, ... Yet the client can log on to the network, ...
    (microsoft.public.windows.server.sbs)
  • RE: [fw-wiz] PIX -> ISA -> OWA Configuration
    ... That makes a lot of assumptions about what constitutes 'VPN' access. ... Which brings me to my point, which is that the stereotypical client VPN ... So many people get this part of their remote access ... your network - I can't see inside! ...
    (Firewall-Wizards)
Loading