XP SP2 VPN to 3COM SS3 Firewall using RADIUS Auth to IAS not connecting problem

[Rakhesh Rao]

Hi There,

We seem to be having problems connecting users on laptops running XP SP2 to
our network using a VPN Tunnel. We get the following errors

Error 792 Security Negotiation Failure.

and under the Security Log of the client machine:

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 547
Date: 18/01/2005
Time: 14:00:09
User: NT AUTHORITY\NETWORK SERVICE
Computer: XXXXXXXX
Description:
IKE security association negotiation failed.
Mode:
Key Exchange Mode (Main Mode)

Filter:
Source IP Address 62.188.XX.XXX
Source IP Address Mask 255.255.255.255
Destination IP Address 194.2XX.XXX.XX
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 62.188.XX.XXX
IKE Peer Addr 194.2XX.XXX.XX

Peer Identity:
Preshared key ID.
Peer IP Address: 194.2XX.XXX.XX

Failure Point:
Me

Failure Reason:
Negotiation timed out

Extra Status:
0x0 0x0


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

This error never occured before under SP1 with the VPN Connection behaving
very well. What could be the problem and how do we go about fixing it?

Thanks

Rakhesh Rao
(e-mail address removed)

please remove efes to send me a email reply though I would much rather
prefer a post to this group for a reply.

 

[Rakhesh Rao]

Tried the following to see if it made any difference:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec]
"AssumeUDPEncapsulationContextOnSendRule"=dword:00000002

However this hasnt made any effect on this. I have turned off the Windows
Firewall to no effect. Any ideas??? The settings are the same as in XP SP1
and it all worked ok.

So what has changed in SP2 that this is now proving to be a major problem???

Rakhesh