G
Guest
Hi,
Any advice would be appreciated.with this issue.
I am trying to setup VPN Server on my ISA standalone version box to grant
clients using PPTP, and get Event ID 20189.
The user <domain\user> connected from <ip address> but failed an
authentication attempt due to the following reason: <error description> .
The only reference is can find is Q26640 but i dont have any
Dial-In-Contraints set.in the RRAS policy.
I know the user name and password are correct , its my account im trying to
log in under. I know its recognising my account because it locks the account
after 6 attempts re Group Policy. Plus the usual events 529 681 for bad
username and password.etc
Specifics
My perimeter consists of
ADSL Internet Router/Firewall
|
Hardware Firewall
|
DMZ Segment 17.16.x.x
| (Testing client here in DMZ)
ISA Server patched up to date
ISA External Interface - 172.16.1.10
ISA Internal Interface - 192.168.1.1
Anyway im trying to troubleshoot this by connecting the client in the DMZ
segment with an IP of 172.16.1.5 gateway 172.16.1.10, and using PPTP as a
convenience to troubleshoot.
RRAS Policy has PPTP Ports with Dial-In-only selected, Address allocation is
done by a static pool.
Also the ISA server though a member server is a member of the IAS security
group, though im using Windows Authentication..
RRAS Logging generates messages with every attempt in the RRAS logs as well,
so it appears access through ISA isnt the problem.
Oh also i have AD Users and Comp Dial in setting to allow Policy to define
dial in access
The client is XP SP1
Any help would be appreciated this almost seems like a bug.
Mike Hartnett MCSE
Any advice would be appreciated.with this issue.
I am trying to setup VPN Server on my ISA standalone version box to grant
clients using PPTP, and get Event ID 20189.
The user <domain\user> connected from <ip address> but failed an
authentication attempt due to the following reason: <error description> .
The only reference is can find is Q26640 but i dont have any
Dial-In-Contraints set.in the RRAS policy.
I know the user name and password are correct , its my account im trying to
log in under. I know its recognising my account because it locks the account
after 6 attempts re Group Policy. Plus the usual events 529 681 for bad
username and password.etc
Specifics
My perimeter consists of
ADSL Internet Router/Firewall
|
Hardware Firewall
|
DMZ Segment 17.16.x.x
| (Testing client here in DMZ)
ISA Server patched up to date
ISA External Interface - 172.16.1.10
ISA Internal Interface - 192.168.1.1
Anyway im trying to troubleshoot this by connecting the client in the DMZ
segment with an IP of 172.16.1.5 gateway 172.16.1.10, and using PPTP as a
convenience to troubleshoot.
RRAS Policy has PPTP Ports with Dial-In-only selected, Address allocation is
done by a static pool.
Also the ISA server though a member server is a member of the IAS security
group, though im using Windows Authentication..
RRAS Logging generates messages with every attempt in the RRAS logs as well,
so it appears access through ISA isnt the problem.
Oh also i have AD Users and Comp Dial in setting to allow Policy to define
dial in access
The client is XP SP1
Any help would be appreciated this almost seems like a bug.
Mike Hartnett MCSE