VPN Problem - Error 930 and Event 20073

S

Steve Waibel

I just upgraded a NT domain to Windows 2003 with Active Directory.
There was a Windows 2000 member server running before the upgrade that
provided VPN access via the Microsoft-included Routing and Remote
Access. Since the upgrade to Windows 2003 and Active Directory, the
VPN no longer works and returns error 930 to all users logging in.
Event 20073 as shown below, is logged on the Remote Access Server with
each login attempt.

Event Type: Error
Event Source: RemoteAccess
Event Category: None
Event ID: 20073
Date: 4/26/2004
Time: 9:16:36 AM
User: N/A
Computer: COMPUTER_Name
Description:
The following error occurred in the Point to Point Protocol module on
port: VPN4-127, UserName: Domain\JoeUser. The authentication server
did not respond to authentication requests in a timely fashion.

I have already completed the steps detailed in the following Microsoft
KBs:

Routing and Remote Access Server Stops Authenticating Dial-Up
Networking Clients
http://support.microsoft.com/default.aspx?scid=kb;[LN];Q227747

Error Message: Error 930; The Authentication Server Did Not Respond to
Authentication Requests in a Timely Fashion
http://support.microsoft.com/default.aspx?scid=kb;EN-US;299684

Error 930" Error Message When You Use a VPN Connection to Log On to a
Server That Is Running Routing and Remote Access
http://support.microsoft.com/default.aspx?scid=kb;en-us;826899

What else can I try?

Thanks for any suggestions.

Steve
 
S

Sharoon Shetty K [MSFT]

Does the account have read-write permissions in the Active directory service
record?

--

Thanks
Sharoon
(e-mail address removed)

This posting is provided "AS IS" with no warranties, and confers no rights.
 
S

Steve Waibel

Sharoon, I believe what you are asking about is the problem discussed
in Q826899. I followed the resolution shown below and the problem
still exists. Are you suggesting some other way to update the
read-write permissions for the Active directory service record that
may fix the problem?

BTW, if I make this server a DC it does allow VPN logins, but I don't
want to have the VPN machine acting as a DC. I would like to find the
correct solution.

Steve

From Q826899
~~~~~~~~~~~~
CAUSE
This issue may occur if the computer account has permissions to read
the Active Directory directory service record, but it does not have
permissions to write to the Active Directory record.
RESOLUTION
To resolve this issue, verify the user permissions in the Active
Directory Users and Computers snap-in on a Windows 2000 domain
controller. To do this, follow these steps:
Click Start, point to Programs, point to Administrative Tools, and
then click Active Directory Users and Computers.
Expand your domain.
Right-click Domain Controllers, and then click Properties.
Click the Group Policy tab, click Default Domain Controllers Policy,
and then click Edit.
Expand Computer Configuration, expand Windows Settings, expand
Security Settings, expand Local Policies, and then click User Rights
Assignment.
Double-click Access this computer from the network.
By default, the Administrators, the Authenticated Users, and the
Everyone groups are assigned this user right. If these groups are not
assigned this user right, add them. To do so, click Add, locate the
user or group you want to add, and then click OK two times.


Sharoon Shetty K said:
Does the account have read-write permissions in the Active directory service
record?

--

Thanks
Sharoon
(e-mail address removed)

This posting is provided "AS IS" with no warranties, and confers no rights.

Steve Waibel said:
I just upgraded a NT domain to Windows 2003 with Active Directory.
There was a Windows 2000 member server running before the upgrade that
provided VPN access via the Microsoft-included Routing and Remote
Access. Since the upgrade to Windows 2003 and Active Directory, the
VPN no longer works and returns error 930 to all users logging in.
Event 20073 as shown below, is logged on the Remote Access Server with
each login attempt.

Event Type: Error
Event Source: RemoteAccess
Event Category: None
Event ID: 20073
Date: 4/26/2004
Time: 9:16:36 AM
User: N/A
Computer: COMPUTER_Name
Description:
The following error occurred in the Point to Point Protocol module on
port: VPN4-127, UserName: Domain\JoeUser. The authentication server
did not respond to authentication requests in a timely fashion.

I have already completed the steps detailed in the following Microsoft
KBs:

Routing and Remote Access Server Stops Authenticating Dial-Up
Networking Clients
http://support.microsoft.com/default.aspx?scid=kb;[LN];Q227747

Error Message: Error 930; The Authentication Server Did Not Respond to
Authentication Requests in a Timely Fashion
http://support.microsoft.com/default.aspx?scid=kb;EN-US;299684

Error 930" Error Message When You Use a VPN Connection to Log On to a
Server That Is Running Routing and Remote Access
http://support.microsoft.com/default.aspx?scid=kb;en-us;826899

What else can I try?

Thanks for any suggestions.

Steve
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

VPN error 930 2
Error 930 connecting via VPN to a member server, to a DC works fine 4
Getting error 930 when trying to set up my VPN 3
vpn authentication 2
Error 930 Manual RRA Setup 1
VPN Error 930 3
VPN clients get error 930 since network upgrade. 3
VPN Server Quit for no reason.. Please Help 3

Top