RAS authentication problem

  • Thread starter Thread starter arfollosco
  • Start date Start date
A

arfollosco

When dialling to RAS server: Event 20073: error occurred in the Point to
Point Protocol module. Remote computer does not support required data
encryption type.

Client is Win98 (PPP). RAS server is a stand-alone Windows 2000 Server with
2 NIC's. It also hosts ISA Server. Network is an NT4 domain (PDC, BDC are
NT4).

KB227747's resolution is to register RAS server in Active Directory, which
unfortunately is not set up in my NT4 network. What are my options?



alan
 
Microsoft has this: Microsoft Knowledge Base Article - 254311 Enable Windows
NT 4.0-Based RAS Servers in a Windows 2000-Based Domain. But I need Win2000
RAS Server in an NT domain.

Or did I just miss something in my installation?

As of now, my last hope would be to install RAS in an NT4 server, if at all
possible. However I am hesitant (security reasons) because my 2 NT servers
are PDC and DC. Am I justified in assuming that RAS server in DC's are a
great security risk?

alan
 
In Microsoft KB 260027: Error Message Is Displayed When Setting Up a Virtual
Private Network on Windows 2000 in a Windows NT 4.0 Domain

Resolution is just to ignore error message. The server should still
function correctly.

In my case, it did not. Maybe I was working on a wrong premise?

Help, please!
 
What data encryption type are the client and server set to use? Do they agree? Make sure the Win9x client has the latest DUN updates installed. Also, try
disabling data encryption in the policy on the server as well as in the DUN client.


Thank you,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
 
Thanks for your reply, Michael.

On the Win98 client's DUN connection (with v1.4 update), I chose PPP as type
of dial-up server. The ff are checked: Log on to network, Enable software
compression and TCP/IP protocol. For the TCP/IP settings: Server-assigned
IP address and Server-assigned name server address. Also checked are: Use
IP header compression and Use default gateway on remote network.

On the Win2k RAS server, authentication methods are the default MS-CHAP v2
and MS-CHAP.
Under encryption, Basic, Strong and Strongest are checked.



alan



Michael Johnston said:
What data encryption type are the client and server set to use? Do they
agree? Make sure the Win9x client has the latest DUN updates installed.
Also, try
disabling data encryption in the policy on the server as well as in the DUN client.


Thank you,
Mike Johnston
Microsoft Network Support
rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
 
You are right, thanks a lot. Remote client is now authenticated. The
culprit must have been the Enable software compression setting in the client
DUN connection. I re-created the connection then checked software
compression.

Sweet success, but I still have a problem! My remote client cannot connect
to the internet, and I still have to try connecting to LAN resources.

In my DUN connection, I used the DNS address of my (the LAN's) ISP. But no
connection. I also put in proxy's settings in IE connection (RAS settings).
Still no go. I set up packet filter for the allowed addresses for any
protocol. I configured a protocol rule in the proxy to allow HTTP/HTTPS for
the same IP addresses. What else do I need to set? LAN is NT4 domain with
a stand-alone ISA server.

And how do I access shared folders?
One more thing, and hopefully the last, my dial-up connection runs at 21,600
bps. I use US Robotics 56K modem and I hope to get 33kbps as I believe 56k
is impossible to achieve (telephone line constraints).



Michael Johnston said:
What data encryption type are the client and server set to use? Do they
agree? Make sure the Win9x client has the latest DUN updates installed.
Also, try
disabling data encryption in the policy on the server as well as in the DUN client.


Thank you,
Mike Johnston
Microsoft Network Support
rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
 
Back
Top