Event ID - 20230

Event Id20230
SourceRemoteAccess
DescriptionThe connection from user %1 on port %2 has been disconnected because the Session Timeout received from the RADIUS server has expired. This connection received only an IPv6 address from the RRAS server and it is invalid to configure the MS-Quarantine-Session-Timeout attribute on the NPS server for IPv6-only connections.
Event Information According to Microsoft :

Cause :

This event is logged when the connection from user on port has been disconnected because the Session Timeout received from the RADIUS server has expired.

Resolution :

Check the NPS configuration

Possible resolution:
  • This connection has received only an IPv6 address from the RRAS server. You cannot configure the MS-Quarantine-Session-Timeout attribute on the server running Network Policy Server (NPS) for IPv6-only connections.
To check the NPS configuration:
  1. Open NPS. Click Start , click Run , type nps.msc , and then press ENTER.
  2. In the console tree, under Policies , click Connection Request Policies .
  3. In the details pane, under Policy Name , double-click the NAP VPN policy for remote access server ( VPN - Dial up ).
  4. Click the Settings tab.
  5. Under RADIUS Attributes , click Vendor Specific . Under Attributes , check whether a Microsoft vendor RADIUS attribute, MS-Quarantine-Session-Timeout, appears. If yes, select the MS-Quarantine-Session-Timeout attribute, and then click Remove . If the policy is being created for the first time, do not add the MS-Quarantine-Session-Timeout attribute.
  6. Click OK .
Verify :

To verify that NAP remote access enforcement clients are installed and initialized:
  1. On the NAP client computer, click Start , point to All Programs , click Accessories , and then click Command Prompt .
  2. In the command window, type netsh nap client show configuration , and then press ENTER.
  3. If the client computer's NAP configuration is determined by Group Policy, type netsh nap client show grouppolicy , and then press ENTER.
  4. In the command output, under Enforcement clients , verify that the enforcement clients listed for your deployment are correct, and that the enforcement clients in use on your network have an Admin value of Enabled .
  5. In the command window, type netsh nap client show state , and then press ENTER.
  6. In the command output, under Enforcement client state , verify that all enforcement clients listed for your deployment are correct, and that the enforcement clients that are enabled on the client computer have an Initialized value of Yes .
Reference LinksEvent ID 20230 from RemoteAccess

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh