none
RRAS Issue. PPTP no RADIUS yet RADIUS error

    Question

  • Server 2003 RRAS PPTP VPN

    When ever someone connects via VPN they authenticate but can not access any network resources. They have to disconnect then re-connect and then can access the network.

    In the System Events logs there is the following error when ever they conenct:

     

    Source: RemoteAccess
    Type: Error
    Event ID: 20210
    Description:

    The IAS/RADIUS server has passed an invalid value to the server
    running Routing and Remote Access for the following RADIUS attribute:
    Attribute Type 26, Vendor ID 311, Vendor specific type 22. Use the netsh ras
    set trace command to enable packet tracing. Ensure that the RADIUS packets
    conform to the standards specified in RFC 2548.

    There is no use of RADIUS in this network.

    I enabled the loging with the netsh ras as specified and had someone connect and log the connections. But not sure where in it to find the answer to my issue.

    Friday, April 02, 2010 7:54 PM

Answers

  • Hi,

    If RADIUS is not being used in the network, please ensure that you select the Windows Authentication option in the Authentication provider on the VPN server.

    According to the RFC 2548, the Vendor-Type 22 is for MS-Filter Attribute. Please verify that the filters in the Remote Access policies are configure correctly and "make sense".

     


    This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, April 07, 2010 5:27 AM
    Moderator