Error 930

[GaryMurray]

I have recently upgraded my company's domain from NT4 to Windows 2003 with Active Directory, all servers\PCs\printer\users are up and running on the upgraded domain.

The problem I have is that when I try to VPN in (pptp) like I used to I get the message:
'Verifying username\password' and then the following error comes up:

'Error 930: The authentication server did not respond to authentication request in a timely fashion'

any ideas what could be causing this or is there something I need to configure in AD, my user account is enabled to dial in?

Thanks
Gary

 

[msworld]

VPN error 930 is a popular error after upgraded NT 4 to the Windows 2003. You may need to reconfigure the RRAS. Thei sline may help,

VPN error 930
Error 930: The authentication server did not respond to authentication requests ... 4) Refer to error 619 resolution - add the vpn to the appropriate group. ...

http://www.howtonetworking.com/vpnissues/error930.htm

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on

http://www.HowToNetworking.com

 

[GaryMurray]

I have also tried this:

1) Add the VPN to the appropriate group. To do this, go to Active Directory Users and Computers>domain name>Users, double-click the RAS and IAS Servers security group. Select the members and add the VPN server to this group. 2) Type netsh ras add registeredserver at a command prompt (registeredserver is vpn server name), and then press ENTER.

but this has made no difference.

I have also tried this:

To resolve this issue, verify the user permissions in the Active Directory Users and Computers snap-in on a Windows 2000 domain controller. To do this, follow these steps:1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
2. Expand your domain.
3. Right-click Domain Controllers, and then click Properties.
4. Click the Group Policy tab, click Default Domain Controllers Policy, and then click Edit.
5. Expand Computer Configuration, expand Windows Settings, expand Security Settings, expand Local Policies, and then click User Rights Assignment.
6. Double-click Access this computer from the network.
7. By default, the Administrators, the Authenticated Users, and the Everyone groups are assigned this user right. If these groups are not assigned this user right, add them. To do so, click Add, locate the user or group you want to add, and then click OK two times.
The local System account must also have write permissions to the Routing and Remote Access log folder. Following is the default path:
%SYSTEMROOT%\System32\LogFiles
To change or verify the path of the Routing and Remote Access log folder, follow these steps:1. Click Start, point to Programs, point to Administrative Tools, and then click Routing and Remote Access.
2. Click the Route Access Logging object.
3. Verify that the path of the logging directory is as follows:
%SYSTEMROOT%\System32\LogFiles
4. Exit the Routing and Remote Access tool.


This also makes no difference!
Do you have any other ideas?

Gary

 

[msworld]

Do a simple test. Can you establish the VPN in the LAN?

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on

http://www.HowToNetworking.com

 

[GaryMurray]

arrr no I can't!

what does this suggest that the isa is not functioning correctly, but we have not changed anything on it but we have upgraded from an NT domain to an AD domain.

Any ideas on what the best way forward to resolve this?

 

[GaryMurray]

Could the problem be that I need to raise the function level to 2003, we are still using the NT4 servers though?

Has anyone else had this problem??

 

[msworld]

I would check he ISA settings first. Also can you telnet port 1723?

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on

http://www.HowToNetworking.com

 

[GaryMurray]

I have not made any changes to the ISA server so why would it stop working.

I will soon be upgrading to isa 2004 do you think that will make any change?