locked
VPN Connections dropped RRS feed

  • Question

  • My VPN users have recently started getting their connection dropped just after they log in. When they try to log in again the VPN client will not open. The user will have to log out of windows and back in before the VPN client will open again. When I look at the ISA server Monior/Sessions filtered on VPN Clients I see the connection come in with a (?) behind Client Username  for each time they try to connect and untill they make a good connection. When a good connection is finally made the (?) just  flashs behind the client user name and then goes away. What could be causing this?

    I used to see only good connection in the Monitor/Sessions for VPN connections and they would go away on the next screen refresh if they dropped their connection. Now when it refreshes it doen't clear out the old good connection that have dropped or the ones that have failed with the (?) behind the cleint user name.
    Tuesday, October 21, 2008 1:22 PM

Answers

  • When the (?) goes away, it's because ISA has considered the username validated by way of actual authentication of the user account.
    If the behavior of the VPN conections has changed from previous observations, then something has changed; whether you're aware of the change is a different question altogether <vbg>.  The "red x" you describe is seen in the RRAS management MMC?
    This indicates that something has failed in RRAS itself.  What errors do you find in the system event logs?

    Jim Harrison Forefront Edge CS
    Monday, November 10, 2008 9:34 AM

All replies

  •   Hi,

    explanation for the (?)
    http://technet.microsoft.com/en-us/library/cc302624.aspx

    Is there anything changed in the configuration? How will the <VPN clients connect to ISA? Through a router or directly?
    Do you get this error on every client regardless of the operating system?

    regards Marc
    www.nt-faq.de
    www.it-training-grote.de
    Tuesday, October 21, 2008 7:10 PM
  • Thanks for reponding to my question.
    Nothing has changed in the configuration.
    The VPN Clients connect through a router.
    I am pretty sure that all my clients are using Windows XP.
    I am using PPTP with access to my domain users with EAP Authentication.
    RRA Security Authentication is set with EAP Method of RSA Security.
    My users are using RSASecurity Tokens.
    My RRA councel Remote Access Policies and Remote Access Logging have red x next to them.
    Users seem to still be able to connect when this happens. Resetting the RRA does not get rid of the red x's. Resetting the entire server is the only way to clear the red x's.
    Could the red x next to RRA Remote Access Policies and Remote Access Logging be causing intermentent problems with the users not connecting? 
    Wednesday, October 22, 2008 1:59 PM
  • When the (?) goes away, it's because ISA has considered the username validated by way of actual authentication of the user account.
    If the behavior of the VPN conections has changed from previous observations, then something has changed; whether you're aware of the change is a different question altogether <vbg>.  The "red x" you describe is seen in the RRAS management MMC?
    This indicates that something has failed in RRAS itself.  What errors do you find in the system event logs?

    Jim Harrison Forefront Edge CS
    Monday, November 10, 2008 9:34 AM