Re: Does L2TP actually WORK ? Drama on XP

From: stephen (stephenbebb_at_hotmail.com)
Date: 09/29/03


Date: Sun, 28 Sep 2003 19:43:23 -0700


Hi,

Thanks for the email but I think it's a bit harsh.

I tried single posting and waited over a week and didn't
get any reply. As the error could be due to Security
admin or network in the XP box or the RRAS setup of the
radius server or the inbound/outbound of the vpn server or
the active directory or group policies on the backend
domain controller, there are multiple places to post. If I
had a clearer message and log to help me out then I would
know the exact place to look for answers.

What is the newsgroup that you think can help me solve
this problem with my XP client ?

Cheers
Steve
>-----Original Message-----
>Stop multiposting and find the correct newsgroup for VPN related stuff.
>
>"stephen" <stephenbebb@hotmail.com> wrote in message
>news:1663201c38621$c9eef7b0$a601280a@phx.gbl...
>> Hi,
>>
>> I have set up 5 fresh Windows 2003 boxes and have followed
>> the VPN lab document as close as possible.
>>
>> I am trying to get a test lab up and running and have run
>> into a few major problems and I have limited time
>> left to demo this to my business and a vocal Unix crowd.
>>
>> I am using the Microsoft article :
>> http://www.microsoft.com/technet/treeview/default.asp?
>> url=/technet/prodtechnol/windowsserver2003/deploy/confeat/r
>> motevpn.asp
>> with a future hope of swapping the WinXP box for a PDA
>> running Mobile 2003 with a wireless network being the
>> 10.0.0.1 and 10.0.0.2.
>> But of course I need to get the WinXP CLIENT1 working
>> first.
>>
>> After I got the PPTP scenario working (very fast) I ran
>> into a show stopper with the L2TP scenario in the above
>> mentioned document.
>>
>> I end up with an error of: 789 and then after auto
>> reconnect the error goes to 792.
>>
>> I followed the steps in the L2TP document and everything
>> seemed to work fine until of course I tried to connect to
>> the L2TP connection via the WinXP CLIENT1 box. The steps
>> I followed were:
>>
>> 1.) Into the DC and configured the automatic certificate
>> for a computer
>> 2.) Then I did the gpupdate on both the DC and VPN box. I
>> didn't do it on the IAS box ?
>> 3.) I then logged the client into the intranet domain
>> network under the VPNUser. No problems, I could ping all
>> the 172.16.0.X boxes and resolve their hostname.domain and
>> I also checked that the certificate was loaded into
>> Certificates -> Personal -> Certificate and it was. A
>> certificate with the clienthostname.domain. I opened up
>> the certificate and reviewed its properties and there seemed
>> to be no problems.
>> 4.) I then shutdown the CLIENT1 (XP box) and connected the
>> WinXP box back to the isolated Internet hub connection.
>> 5.) Logged in again under VPNuser. This time the log on
>> took forever. Two Event Viewer application errors were
>> then generated. I quickly checked that I could ping the
>> VPN server (VPN1) at 10.0.0.2 and I could. It was
>> successful and the CLIENT1 had now taken on the 10.0.0.1
>> IP address.
>>
>> The first of these application errors said:
>>
>> Windows cannot obtain the domain controller name for your
>> computer network. (The specified domain either does not
>> exist or could not be contacted) Group Policy process is
>> aborted.
>>
>> The second application error message (generated approx 1
>> min afterwards) said:
>> Automatic certificate enrollment for Local System failed
>> to contact the active directory. The specified domain
>> either does not exist or could not be contacted.
>> Enrollment will not be performed.
>>
>> I thought both of these were fine as I wasn't connected
>> onto the intranet yet for the active directory links to be
>> performed ???
>>
>> Anyway, then I set up the L2TP connection as it says in the
>> doco. I tried it with both multinode and LCP turned off
>> and on, rebooting and anything else etc.. etc..
>>
>> The error I consistently get is:
>> Connecting to 10.0.0.2
>> Error 789 : The L2TP connection failed because the
>> security layer encountered a processing error during
>> initial negotiations with the remote computer.
>>
>> Then when it auto redials it gives me the next error:
>> Error 792:
>> The L2TP connection attempt failed because security
>> negotiation timed out.
>>
>> LASTLY, I thought I would try the good ol' PPTP connection
>> to see if it was still working and it was. The PPTP
>> connection was successful and I could still access the web
>> site and c:\ on the iis1 box.
>> I have read some of the news items and found Tom's site
>> and book a must purchase for me (Does it use Windows 2003
>> in the book ?)
>>
>> I also checked the Root Certificate and found that it was
>> registered just fine in the Root Certificate folder and
>> that the hierarchy in the personal certificate was all OK.
>>
>> Please help me get this demo up and running, I'm so close.
>>
>> Cheers
>> Steve
>>
>
>
>.
>


