Re: Repost - Unable to authenticate a VPN
From: David Copeland [MSFT] (davidcop_at_online.microsoft.com)
Date: 03/18/04
- Next message: Mark: "OWA"
- Previous message: jcarreira: "Does anyone have this book? SMB Consulting Best Practices"
- In reply to: MarkC: "Re: Repost - Unable to authenticate a VPN"
- Next in thread: MarkC: "Re: Repost - Unable to authenticate a VPN"
- Reply: MarkC: "Re: Repost - Unable to authenticate a VPN"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 18 Mar 2004 13:24:31 -0600
Mark,
Ok, can you install the support tools from the XP cd and then if we can get
a network trace of the machine attempting to make the VPN connection using
the connection manager client..
To install the support tools go to the following directory on the XP cd
\support\tools and then run the setup.exe
Once the tools are installed then we will need to run netcap to get the
trace.. You should be able to run netcap /? from the \program files\support
tools directory to make sure we make the buffer size large enough using
/B:10 /C: to specify the filename and /N: to make sure we get the right
nic..
On the client from a command prompt
nbtstat -R
ipconfig /flushdns
Once you have the trace started, then run the connection manager ... once
you get the error stop the trace.
Once you get the trace if you could email me a copy I will take a look at it
to.. To email me you will need to remove the "online." from my address.
-- Thanks, David Copeland Microsoft Small Business Server Support This posting is provided "AS IS" with no warranties, and confers no rights. Newsgroups: SBS v4.x : microsoft.public.backoffice.smallbiz SBS 2000: microsoft.public.backoffice.smallbiz2000 SBS 2003: microsoft.public.windows.server.sbs "MarkC" <mark@mrccit_nospam.com> wrote in message news:eE1KNsRDEHA.2308@tk2msftngp13.phx.gbl... > Hi David, > That is exactly what I did. The address resolves fine. The connection I > make from the conection manager works fine. It's the SBS created > connection > that fails. > Thanks, > Mark > > > "David Copeland [MSFT]" <davidcop@online.microsoft.com> wrote in message > news:eCh9NoRDEHA.3404@TK2MSFTNGP10.phx.gbl... >> Mark, >> >> Sorry, missed that it was from an internal client.. but just to be sure.. >> does the name server1.ACME.com resolve to the internal or external IP >> address? >> >> On the client can you make a new vpn connection and specify the server's >> internal IP address (to try and rule out any issues with the connection >> manager/configuration) >> >> >> >> -- >> >> Hope that helps, >> David Copeland >> Microsoft Small Business Server Support >> >> This posting is provided "AS IS" with no warranties, and confers no > rights. >> >> Newsgroups: >> SBS v4.x : microsoft.public.backoffice.smallbiz >> SBS 2000: microsoft.public.backoffice.smallbiz2000 >> SBS 2003: microsoft.public.windows.server.sbs >> >> >> "MarkC" <mark@mrccit_nospam.com> wrote in message >> news:%23enINhRDEHA.3472@TK2MSFTNGP09.phx.gbl... >> > Hi David, >> > That is what I did (see my message below). The results below are >> > internal. >> > This server isnt's running ISA either. The only thing between the test >> > client and the server is a switch. >> > >> > "David Copeland [MSFT]" <davidcop@online.microsoft.com> wrote in >> > message >> > news:O9XQLcRDEHA.3256@TK2MSFTNGP09.phx.gbl... >> >> Mark, >> >> >> >> Getting the error 721 and timing out when trying to authenticate the >> >> username/password typically is a sign that IP Protocol 74 (GRE) is > being >> >> blocked somewhere between the VPN client and the server.. As a quick >> >> test >> >> just to see if there appears to be a problem on the server.. can you > try >> >> making a VPN connection from an internal client to the server's > internal >> > IP >> >> address using the same username/password.. If that works.. depending >> >> on >> > your >> >> network configuration.. you might setup a machine on the external side > of >> >> the server, but inside of any router/firewall that may connect your >> > network >> >> to the Internet and see if you can still VPN in.. >> >> >> >> Some router/firewall devices may have an option of something like PPTP >> >> helper that needs to be enabled to allow the GRE packets in.. >> >> >> >> -- >> >> >> >> Hope that helps, >> >> David Copeland >> >> Microsoft Small Business Server Support >> >> >> >> This posting is provided "AS IS" with no warranties, and confers no >> > rights. >> >> >> >> Newsgroups: >> >> SBS v4.x : microsoft.public.backoffice.smallbiz >> >> SBS 2000: microsoft.public.backoffice.smallbiz2000 >> >> SBS 2003: microsoft.public.windows.server.sbs >> >> >> >> >> >> "MarkC" <mark@mrccit_nospam.com> wrote in message >> >> news:%23uCTiZRDEHA.3788@TK2MSFTNGP10.phx.gbl... >> > >> >> >I just tried the SBS VPN client again from a computer within the LAN > and >> >> > this is my error (some info changed for privacy reasons). I can > create >> > a >> >> > VPN connection with the XP Wizard >> >> > and it connects fine. I have rechecked my configuration several > times >> > but >> >> > can't seem to pinpoint the cause of this. >> >> > >> >> > [cmdial32] 10:33:49 04 Pre-Connect Event ConnectionType = 1 >> >> > [cmdial32] 10:33:49 06 Pre-Tunnel Event UserName = jdoe Domain = >> >> > ACME >> >> > DUNSetting = Connect to Small Business Server Tunnel DeviceName = >> >> > TunnelAddress = server1.ACME.com >> >> > [cmdial32] 10:34:26 20 On-Error Event ErrorCode = 721 ErrorSource = > RAS >> >> > >> >> > Different error than last time but still no solution in sight. Any >> >> > help >> >> > would be awesome! >> >> > Mark >> >> > >> >> > >> >> > >> >> > >> >> > "Jim Behning SBS MVP" <jimbehingmvp@mindspring.com> wrote in message >> >> > news:2m3i501g61es1cbsuvqgv5v90cf2nlfk4t@4ax.com... >> >> >> Your routers need to pass 47 gre aka pptp or things will not work. >> >> >> I >> >> >> test from my house where I can vpn into any properly configured >> >> >> SBS. >> >> >> If one account does not work then I have something to clear up on > that >> >> >> SBS or on their router. >> >> >> >> >> >> "MarkC" <mark@mrccit_nospam.com> wrote: >> >> >> >> >> >> >Now I have two other tid-bits to add. I tried creating my own VPN >> > client >> >> > and >> >> >> >it works fine internally but not exteranlly. What was that >> >> >> >earlier >> > post >> >> >> >about opening GRE 47? I'm sorry but I'm not familiar with GRE > 47... >> >> >> > >> >> >> >Go figure, looked on the server for a log but I never thought to > look >> > at >> >> > the >> >> >> >client. >> >> >> > >> >> >> >Here is what I found from the SBS created VPN client on the same > lan: >> >> >> > >> >> >> >[cmdial32] 10:33:52 21 On-Error Event ErrorCode = 628 ErrorSource >> >> >> >= >> > RAS >> >> >> > >> >> >> >Thanks, >> >> >> >Mark >> >> >> > >> >> >> >""Chris Ard [MSFT]"" <ChrisArd@online.microsoft.com> wrote in > message >> >> >> >news:50If0nEDEHA.3464@cpmsftngxa06.phx.gbl... >> >> >> >> So on a client on the internal LAN it does the same thing? What >> > error >> >> >> >> message does it return when it times out? >> >> >> >> >> >> >> >> Chris Ard >> >> >> >> Small Business Server >> >> >> >> Enterprise Platforms Support >> >> >> >> >> >> >> >> This posting is provided "AS IS" with no warranties, and confers > no >> >> >> >rights. >> >> >> >> >> >> >> > >> >> >> >> >> >> Jim B. SBS MVP >> >> >> remove the mvp to send email >> >> > >> >> > >> >> > >> >> >> >> >> > >> > >> >> > >
- Next message: Mark: "OWA"
- Previous message: jcarreira: "Does anyone have this book? SMB Consulting Best Practices"
- In reply to: MarkC: "Re: Repost - Unable to authenticate a VPN"
- Next in thread: MarkC: "Re: Repost - Unable to authenticate a VPN"
- Reply: MarkC: "Re: Repost - Unable to authenticate a VPN"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
