none
"Your network administrator has blocked you from connecting to this network" PPTP VPN problem RRS feed

  • Question

  • Hi folks!

    Getting the following when a user is trying to connect to a PPTP VPN.  There are no domain policies preventing this,  and the user is a local administrator on the machine.  

    "Your network administrator has blocked you from connecting to this network" and the connect button is unavailable. 

    Non-domain machines connect without a problem.  RSOP on that remote machine shows there is no group policy changes to the:

    Computer Configuration -> Policies -> Windows Settings -> Security Settings -> wired / wireless nodes. 

    Machine is Windows 7 Pro, joined to a standard domain, PPTP server is not Windows based (PPTPD machine,  works for MANY other clients without a problem,  including Windows 7 pro machines either joined or not joined to domains. 

    Anyone know what I should look for?  Everything I can find online seems to have to do with connecting to wireless,  and vista.  

     

    Thanks!!!

    Tuesday, January 28, 2014 5:28 PM

Answers

  • Apparently the answer was simple,  yet I only stumbled across it (Still searching the net for some sort of connection)

    The Default Domain Policy for Server 2008 apparently included:

    User Configuration -> Policies -> Administrative Templates -> Network/Network connections ->

    Policy | Setting

    Prohibit access to properties of a LAN connection  |  Enabled  
    Prohibit access to properties of components of a remote access connection  |  Enabled  
    Prohibit access to the Remote Access Preferences item on the Advanced menu  |  Enabled  
    Prohibit connecting and disconnecting a remote access connection  |  Enabled  

    I changed these to the following:

    Policy | Setting

    Prohibit access to properties of a LAN connection   |  Disabled  
    Prohibit access to properties of components of a remote access connection   |  Disabled  
    Prohibit access to the Remote Access Preferences item on the Advanced menu   |  Disabled  
    Prohibit connecting and disconnecting a remote access connection   |  Disabled  

    The user then had to connect to a hardware VPN and gpupdate /force,  this allowed them to connect to the VPN without a problem.  (though the same problem with traffic leaking out the non-gateway route was still occurring on Windows machines,  that's another matter entirely!)

    Thanks!

    • Marked as answer by Justin Davidow Tuesday, January 28, 2014 8:14 PM
    Tuesday, January 28, 2014 8:14 PM

All replies

  • Apparently the answer was simple,  yet I only stumbled across it (Still searching the net for some sort of connection)

    The Default Domain Policy for Server 2008 apparently included:

    User Configuration -> Policies -> Administrative Templates -> Network/Network connections ->

    Policy | Setting

    Prohibit access to properties of a LAN connection  |  Enabled  
    Prohibit access to properties of components of a remote access connection  |  Enabled  
    Prohibit access to the Remote Access Preferences item on the Advanced menu  |  Enabled  
    Prohibit connecting and disconnecting a remote access connection  |  Enabled  

    I changed these to the following:

    Policy | Setting

    Prohibit access to properties of a LAN connection   |  Disabled  
    Prohibit access to properties of components of a remote access connection   |  Disabled  
    Prohibit access to the Remote Access Preferences item on the Advanced menu   |  Disabled  
    Prohibit connecting and disconnecting a remote access connection   |  Disabled  

    The user then had to connect to a hardware VPN and gpupdate /force,  this allowed them to connect to the VPN without a problem.  (though the same problem with traffic leaking out the non-gateway route was still occurring on Windows machines,  that's another matter entirely!)

    Thanks!

    • Marked as answer by Justin Davidow Tuesday, January 28, 2014 8:14 PM
    Tuesday, January 28, 2014 8:14 PM
  • Hi,

    Nice job, thanks for sharing your solution.

    Have a nice day!


    Alex Zhao
    TechNet Community Support

    Wednesday, January 29, 2014 8:25 AM
    Moderator