EAP based VPN on Win2K error 691
From: Ian (ievans25@hotmail.com)
Date: 05/31/02
- Next message: imran: "permissions vs. security"
- Previous message: Matt: "Re: Using xcacls for special NTFS5 permissions query?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: ievans25@hotmail.com (Ian) Date: 31 May 2002 04:22:01 -0700
Wondering if anyone has run into the following:
I configured a Win2k vpn client with the following:
Both machine and user certificates installed on client that I'm trying
to use with EAP (TLS or MD5) VPN.
Win2k server with RRAS (handing out static pool of addresses)
installed. Under properties, allow both IPSec/L2TP and PPTP and EAP is
enabled (and it shows the default installs for TLS and MD5).
I can get both PPTP and IPSec/L2TP to work normally on the VPN client,
i.e., machine certs for IPSec and MS-CHAPv2 for PPTP. But when I try
EAP (wither MD5 or TLS (smartcard or cert) based, it fails with error
"691 Access was denied because the user name and/or password was
invalid on the domain."
I am not using a smartcard but I figured TLS would work out of the box
for the user cert installed. Do I need to select a special type of
user or machine certificate?
TIA
Ian
- Next message: imran: "permissions vs. security"
- Previous message: Matt: "Re: Using xcacls for special NTFS5 permissions query?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
