| Event Information | According to Microsoft :
Cause :
This event is logged when the user has connected and failed to authenticate on port.
Resolution :
Configure authentication settings
To perform these procedures, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.
Follow the procedures in the order in which they appear until the problem is resolved.
Configure remote access user properties
To configure remote access user properties:
If the remote access server is part of a Windows Server 2008 or Windows Server 2003 domain: - Click Start , click Administrative Tools , and then double-click Active Directory Users and Computers .
- In the console tree, click Users (console tree location: Active Directory Users and Computers/domain name/Users).
- In the details pane, right-click a user name, and then click Properties .
- On the Dial-in tab, under Remote Access Permission (Dial-in or VPN) , click Allow access, Deny access , or Control access through NPS Network Policy , and then click OK .
- Configure other settings, as appropriate.
If the remote access server is a stand-alone server (not part of a domain): - Click Start , click Administrative Tools , and then double-click Computer Management .
- In the console tree, click Users (console tree location: Computer Management/System Tools/Local Users and Groups/Users).
- In the details pane, right-click a user name, and then click Properties .
- On the Dial-in tab, under Remote Access Permission (Dial-in or VPN) , click Allow access, Deny access , or Control access through NPS Network Policy , and then click OK .
- Configure other settings, as appropriate.
Unlock remote access client - For more information about how to configure remote access client lockout, see article 816118 in the Microsoft Knowledge Base
Configure remote access server to access Active Directory
For a remote access server that is a member server of a domain that is configured for Windows authentication, check that: - The RAS and IAS Servers security group exists. If not, create the group and then set the group type to Security and the group scope to Domain local .
- The RAS and IAS Servers security group has read permission to the RAS and IAS Servers Access Check object.
- The computer account of the remote access server computer is a member of the RAS and IAS Servers security group. You can use the netsh ras show registeredserver command to view the current registration. You can use the netsh ras add registeredserver command to register the server in a domain.
- If you add or remove the remote access server to the RAS and IAS Servers security group, the change does not take effect immediately (due to the way that Active Directory information is cached). To make the change take effect immediately, you must restart the remote access server computer.
- The remote access server has joined the domain.
Verify :
To verify that the remote access server can accept connections, establish a remote access connection from a client computer.
To create a VPN connection: - Click Start , and then click Control Panel .
- Click Network and Internet , click Network and Sharing Center , and then click Set up a connection or network .
- Click Connect to a workplace , and then click Next .
- Complete the steps in the Connect to a Workplace wizard.
To connect to a remote access server: - In Network and Sharing Center, click Manage network connections .
- Double-click the VPN connection, and then click Connect .
- Verify that the connection was established successfully.
|