| Event Information | According to Microsoft :
Diagnose :
The remote access connection must have permissions through dial-in properties of the user account and remote access policies. In addition, the credentials of the remote access client (user name, password, and domain name) must be validated by the remote access server.
This error might be caused by the incorrect configuration of one of the following:- Connection settings
- Credentials of the remote access client
Check connection settings- Match all of the conditions of at least one remote access policy.
- Grant remote access permission through the local user account or can grant remote access permission through the domain user account and the remote access permission of the matching remote access policy.
- Match all of the settings of the profile.
- Match all of the settings of the dial-in properties of the user account.
Check the credentials of the remote access client in Windows or RADIUS- If Windows is used as the authentication and accounting provider, the remote access server uses native Windows functions to validate the security credentials of the remote access client and access the remote access client's user account dial-in properties.
- If RADIUS is used as the authentication and accounting provider, the remote access server acts as a RADIUS client and sends the user's credentials and other connection settings to a RADIUS server. The RADIUS server validates the credentials of the remote access client, authorizes the connection attempt, and stores remote access connection accounting information.
Resolve
Configure remote access dial-in
To perform these procedures,must be a member of the Administrators group or must have been delegated the appropriate authority.
Follow these procedures in the order in which they appear until the problem is resolved.- Configure remote access user properties
- Unlock remote access client
- Configure remote access server to access Active Directory
Configure authentication protocols
To perform this procedure,must be a member of the Administrators group or must have been delegated the appropriate authority.
To enable authentication protocols:- Open Routing and Remote Access. Click Start, click Run, type rrasmgmt.msc, and then press ENTER.
- Right-click the server name for which you want to enable authentication protocols, and then click Properties.
- On the Security tab, click Authentication Methods.
- In the Authentication Methods dialog box, select the check boxes for the authentication protocols that the remote access server will use to authenticate remote clients, and then click OK.
Configure access privileges
To perform these procedures,must be a member of the Administrators group or must have been delegated the appropriate authority.
Follow the procedures in the order in which they appear until the problem is resolved.- Configure remote access user properties
- Unlock remote access client
- Configure remote access server to access Active Directory
Use the same authentication method
To perform this procedure,must be a member of the Administrators group or must have been delegated the appropriate authority.
To enable authentication protocols:- Open Routing and Remote Access. Click Start, click Run, type rrasmgmt.msc, and then press ENTER.
- Right-click the server name for which want to enable authentication protocols, and then click Properties.
- On the Security tab, click Authentication Methods.
- In the Authentication Methods dialog box, select the check boxes for the authentication protocols that the remote access server will use to authenticate remote clients, and then click OK.
Configure authentication settings
To perform these procedures,must be a member of the Administrators group or must have been delegated the appropriate authority.
Follow the procedures in the order in which they appear until the problem is resolved.- Configure remote access user properties
- Unlock remote access client
- Configure remote access server to access Active Directory
Configure network protocol settingsTo perform this procedure, must have membership in Administrators or must have been delegated the appropriate authority.
To configure network protocol properties of the remote access server:Open Routing and Remote Access. Click Start, click Run, type rrasmgmt.msc, and then press ENTER.- Right-click the server name for which you want to view properties, and then click Properties.
- Check the settings on the IPv4 and IPv6 tabs.
Reconnect to port or increase the PPP negotiation time
Try to connect to port again.If the problem persists, increase the PPP negotiation time.
In the registry, change the time for the PPP negotiation process to time out.Set the NegotiateTime entry in the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\Parameters\NegotiateTime
Note : The default value is 150 seconds. Changes to the registry setting will not take effect until the Routing and Remote Access service or Internet Authentication Service (IAS) are restarted.
Caution : Incorrectly editing the registry might severely damage your system.Before making changes to the registry,should back up any valued data on the computer.
Review the remote access service error code
There is not enough information available in the Routing and Remote Access service event message to provide a recommendation for resolution of the problem.
Correct the mismatch in client and server configuration parameters
Possible resolution:
Check that the remote access client connection is configured with the same connection parameters as the remote access server.
Check the authentication protocols
To perform this procedure, must have membership in Administrators, or must have been delegated the appropriate authority.
To check authentication protocols:- Open Routing and Remote Access. Click Start, click Run, type rrasmgmt.msc, and then press ENTER.
- Right-click the server name for which want to check authentication protocols, and then click Properties.
- On the Security tab, click Authentication Methods.
- In the Authentication Methods dialog box, select the check boxes for the authentication protocols that the remote access server will use to authenticate remote clients, and then click OK.
Check for packet corruption
Possible resolution:- Use the information in the Diagnose section to narrow down the issue.
Configure dial-in settings
To perform these procedures,must have membership in Administrators or must have been delegated the appropriate authority.
Follow the procedures in the order in which they appear until the problem is resolved.- Configure remote access user properties
- Unlock remote access client
- Configure remote access server to access Active Directory
Reset password
To perform these procedures,must have membership in Administrators, or must have been delegated the appropriate authority.- Reset a password for a local user account
- Reset a password for a domain user account on a member server
- Reset a password for a domain user account on a domain controller
|