Can you help me troubleshoot this VPN connection problem?

[Guest]

I can't see where I've gone wrong with this connection:

WIN xp CLIENT >>> 2003 SERVER DOMAIN via DrakTek vigor router

firewall....

It a PPTP connection, using NTL dial up first.

It gets to the login prompt for password, and I'm using one of the valid

usernames, but the message states

"Windows was unable to connect using the user name & password."

The Win XP firewall is turned OFF on the VPN, but not the NTL

connection.

Properties

**General tab**

Hostname (the router's IP address which I verified is correct)

"Dial another connection first" ticked

**Security tab**

Typical (reconmmended settings)... Require secured password, require

data encryption

Advanced (custom settings): MS Chap and MS Chap v2 ticked

**Networking**

TYPE OF VPN = PPTP VPN ---

Settings - enable LCP, enable software compression - TICKED




TCP/IP --- properties>>> use the following IP address 192.168.0.150 (as

per router settings)
Use the following DNS server address 192.168.0.200.

ADVANCED >>>GENERAL TAB>>> "Use default gateway " NOT TICKED
DNS tab "append parent suffixes..." ticked (?)
"Register this connection's address"... NOT TICKED

All ticked:

QoS PACKET SCHEDULER
FILE AND PRINTER SHARING FOR MS NETWORKS
CLIENT FOR MS NETWORKS

I've really run out of ideas why the connection fails at login

Any ideas much appreciated

Thanks

 

[Linda B]

It just sounds like an authentication issue. Most of the time if you're
actually having connection issues, the error message will tell you as much
("Host unknown" or "Connection timed out" or "Remote host not responding,"
etc.). That you're getting a username/password error message tells met that
you're connecting to the VPN okay, just that the credentials supplied aren't
going through.

Have you verified that the credentials are correct, that the account is in
good standing (i.e. not locked out), has appropriate permissions, etc?

Also, can you successfully ping the VPN IP (before connection)?

 

[Guest]

Thanks for yr reply Linda B...

Its really odd... I though it must be an authentication issue at the
router...

I'm certain the account details and permissions are correct, but will check
again to make sure.

The router is configured to reject ping, so it just times out

*****************

 

[Vagabond Software]

I can't see where I've gone wrong with this connection:

WIN xp CLIENT >>> 2003 SERVER DOMAIN via DrakTek vigor router

firewall....

It a PPTP connection, using NTL dial up first.

It gets to the login prompt for password, and I'm using one of the valid

usernames, but the message states

"Windows was unable to connect using the user name & password."

The Win XP firewall is turned OFF on the VPN, but not the NTL

connection.

Does the server issue DCHP addresses for the network or does the router do that?

carl

 

[Guest]

Hi Carl...

The server issues DHCP.

I've entered a static IP address on my home PC which I think is within the
range the router software has reserved for VPN connections... need to check
for sure.

Is there a setting on VPN which I need to look at for DHCP properties on the
client PC which is dialling in?

Thanks

****

 

[Vagabond Software]

Hi Carl...

The server issues DHCP.

I've entered a static IP address on my home PC which I think is within the
range the router software has reserved for VPN connections... need to check
for sure.

Is there a setting on VPN which I need to look at for DHCP properties on the
client PC which is dialling in?

1. Make sure to "include Windows logon domain" in the Options tab
2. Change the TCP/IP Properties to use your server IP address as the preferred DNS server.

On the server side, make sure the account is a member of a group with Remote Access privileges.

Do other VPN connections work on the server?

carl

 

[Guest]

The error message that comes up is "Error 734: The PPP Link Control Protocol
Was Terminated" Any advice?

I found some guidance at the link below, however, lines 8 & 9 "Click the
Security tab." &

"Under Security options, click Allow unsecured password in the Validate my
identity as follows box, and then click OK. "

must refer to Win2000 because XP doesn't have that option


http://support.microsoft.com/default.aspx?scid=kb;en-us;318718

***

Meantime I just want to check with you...

When you say Remote Access Privileges, are you takling about the "dial in"
tab in Active Directory?... This is set to "allow" for me

 

[Guest]

Do I need a static IP address for dial-up VPN to work?