Hi:
I am having nightmare on this VPN issue. Can any one please help me as where I am going wrong ??
I have spent so far 1 month and can;t get a fix for it.
Thanks in advance
CLIENT SIDE VPN ICON PROPERTIES:
On the client side these are the settings on the VPN properties:
On the general tab, my server ip address is shown
On the Options tab, display progress while connecting and prompt for name and password ,certificates ,etc are the only two snapped.
on the sercurity tab, advacned (custom settings ) is snapped and under the settings only Microsoft CHAP ( MS-CHAP) is snapped.
On the networking tab, under type of VPN I am calling, Point to Point Tunneling Protocol(PPTP) is enabled and under the settings none of them are snapped.
on the properties of the TCP/IP ,ontain an IP automatically and ontain DNS server address automatically are snapped and in the advacned under the general nothing is snapped, and under DNS Append primary and connection speicific DNS suffixes is sanpped and also Append Parent suffixies of the primary DNS suffix is snapped. Also Register this connections address in the DNS is snapped.
On the WINS , Enable LMhosts lookup is snapped.
On the Options, under optional settings, under IP Security properties Do not use IPSEC is Snapped.
SERVER SIDE SETTINGS:
under routing and remote access, in the proprties page of the server (local),under general tab Enable this computer as a ROuter is Snapped and also LAN and demand-dial routing is snapped. Also REmote access server is snapped. under Security in Authentication provider, Windows Authentication is enabled and in Authentication methods MS-CHAP is snapped and under accounting provider windows accounting is enabled.
Under IP tab, Enable IP routing is enabled and also Allow IP based remote access and demand dial connections is enabled. Also Dynamic host Confirguration protocol (DHCP) is snapped.
under PPP tab, nothing is snapped.
under event logging log error and warnings and Enable point to point protocol (PPP) logging is enabled.
On the MMC console under REmote access policies, there are two policies defined.
First Policy: Acclow access if dial-in permission is enabled which is in Order 1. and the properties are as follows. On the ppolicy name allow access if dial-in permission is enabled and under the specify conditoin to match, Day-and- time restriction is enabled and sun thru sunday all of the time is permitted. under if the user matches the condition, Grant access is enabled. On the profile properties, under the tab Authentication, MS-CHAP is snapped. On the IP tab, Server Settings Define policy is snapped. on encrption tab, No Encrption is snapped.Under Dial in Constraints, nothing is snapped.on the multilink tab, Default to server settings is snapped.
Second Policy: This policy which has a name VPN is in Order 2. and the properties are as follows. On the ppolicy name VPN is there and under the specify conditoin to match, Tunnel Type matches "Point-to-Point Tunneling protocol(PPTP) " AND NAS -Port Type Matches "VIRTUAL (VPN" is there . under if the user matches the condition, Grant access is enabled. On the profile properties, under the tab Authentication, MS-CHAP is snapped. On the IP tab, Server Settings Define policy is snapped. on encrption tab, No Encrption is snapped.Under Dial in Constraints, nothing is snapped.on the multilink tab, Default to server settings is snapped.
With the above settings in place, when I try to connect to the server through VPN, I get the following error message:
Error 649: The account does not have permission to dial in. Please note that the account which I am trying to dial in has the permission to dial in .
If I change the order of remote policy , which is If I move the VPN policy to Order 1 from 2, then I get the following error:
Error 628: Diconnected . The connection was closed. Also please note that after this happen, I just can't use the VPN , means when I try to click on the CPN icon, nothing happens unless I reboot the system.
PLEASE HELP....
THANKS
I am having nightmare on this VPN issue. Can any one please help me as where I am going wrong ??
I have spent so far 1 month and can;t get a fix for it.
Thanks in advance
CLIENT SIDE VPN ICON PROPERTIES:
On the client side these are the settings on the VPN properties:
On the general tab, my server ip address is shown
On the Options tab, display progress while connecting and prompt for name and password ,certificates ,etc are the only two snapped.
on the sercurity tab, advacned (custom settings ) is snapped and under the settings only Microsoft CHAP ( MS-CHAP) is snapped.
On the networking tab, under type of VPN I am calling, Point to Point Tunneling Protocol(PPTP) is enabled and under the settings none of them are snapped.
on the properties of the TCP/IP ,ontain an IP automatically and ontain DNS server address automatically are snapped and in the advacned under the general nothing is snapped, and under DNS Append primary and connection speicific DNS suffixes is sanpped and also Append Parent suffixies of the primary DNS suffix is snapped. Also Register this connections address in the DNS is snapped.
On the WINS , Enable LMhosts lookup is snapped.
On the Options, under optional settings, under IP Security properties Do not use IPSEC is Snapped.
SERVER SIDE SETTINGS:
under routing and remote access, in the proprties page of the server (local),under general tab Enable this computer as a ROuter is Snapped and also LAN and demand-dial routing is snapped. Also REmote access server is snapped. under Security in Authentication provider, Windows Authentication is enabled and in Authentication methods MS-CHAP is snapped and under accounting provider windows accounting is enabled.
Under IP tab, Enable IP routing is enabled and also Allow IP based remote access and demand dial connections is enabled. Also Dynamic host Confirguration protocol (DHCP) is snapped.
under PPP tab, nothing is snapped.
under event logging log error and warnings and Enable point to point protocol (PPP) logging is enabled.
On the MMC console under REmote access policies, there are two policies defined.
First Policy: Acclow access if dial-in permission is enabled which is in Order 1. and the properties are as follows. On the ppolicy name allow access if dial-in permission is enabled and under the specify conditoin to match, Day-and- time restriction is enabled and sun thru sunday all of the time is permitted. under if the user matches the condition, Grant access is enabled. On the profile properties, under the tab Authentication, MS-CHAP is snapped. On the IP tab, Server Settings Define policy is snapped. on encrption tab, No Encrption is snapped.Under Dial in Constraints, nothing is snapped.on the multilink tab, Default to server settings is snapped.
Second Policy: This policy which has a name VPN is in Order 2. and the properties are as follows. On the ppolicy name VPN is there and under the specify conditoin to match, Tunnel Type matches "Point-to-Point Tunneling protocol(PPTP) " AND NAS -Port Type Matches "VIRTUAL (VPN" is there . under if the user matches the condition, Grant access is enabled. On the profile properties, under the tab Authentication, MS-CHAP is snapped. On the IP tab, Server Settings Define policy is snapped. on encrption tab, No Encrption is snapped.Under Dial in Constraints, nothing is snapped.on the multilink tab, Default to server settings is snapped.
With the above settings in place, when I try to connect to the server through VPN, I get the following error message:
Error 649: The account does not have permission to dial in. Please note that the account which I am trying to dial in has the permission to dial in .
If I change the order of remote policy , which is If I move the VPN policy to Order 1 from 2, then I get the following error:
Error 628: Diconnected . The connection was closed. Also please note that after this happen, I just can't use the VPN , means when I try to click on the CPN icon, nothing happens unless I reboot the system.
PLEASE HELP....
THANKS