none
VPN Connection

    Question

  • VPN connection does not work.

    A security certificate for Anywhere Access was expiring in a few days. Internet Information Services 8 (IIS) had a new certificate already installed. We bound the new certificate to HTTPS site binding and after rebooting the server we were able to connect to the VPN. However, as of today the following errors are appearing:

    Event Viewer Error from server receiving the connection:

    "CoID={84559C7D-DE65-48C2-9CDD-633036527C31}: The user connected from 174.213.0.155 but failed an authentication attempt due to the following reason: The account does not have permission to dial in."

    Event Viewer Error from computer connecting to the server:

    "CoId={BAB5EFB1-83A8-42DD-94F6-B5C99A163891}:The SSTP-based VPN connection to the remote access server was terminated because of a security check failure. Security settings on the remote access server do not match settings on this computer. Contact the system administrator of the remote access server and relay the following information: 

    SHA1 Certificate Hash: 9724736641F1DEBF657E0C347E516274EED1E80D

    SHA256 Certificate Hash: 70D10D5868C489A8217DF6133B0D175C0324BCF26A149342B222C39A56B3DF59."

    In the Windows Server Dashboard, the user connecting has full access privileges. I checked in the Network Policy Server to ensure that the server security settings match the settings on the computer connecting. Please advise on how to resolve this.

    Thank you very much for any input,

    Martin.



    Update: Just rebooted the server and VPN seems to work now. However, I do not understand what caused the issue documented above. If you have any insight, please let me know.
    • Edited by Martin010 Monday, July 09, 2018 7:18 PM
    Monday, July 09, 2018 6:49 PM

All replies

  • hello

    1 Can you verify which version of your server , you can enter msinfo32 in command prompt.
    2  you can check when the  certificate for Anywhere Access you own will  expire and where certificate is come from. You can check it in IIS manager. (IIS manager >server name> Server Certificate)
    At the same time, you check if there is new certificate created in IIS manager after you restart server 2012 essential

    3 Check the new certificate if it is form Microsoft domain automatically distributes godaddy's certificate.

    4 How often this problem occour

    Tuesday, July 10, 2018 10:34 AM
  • Is there anything else to help you?

    Thursday, July 12, 2018 1:46 AM