It has been my experience when using Windows 2000 AD domain accounts in conjunction with any RRAS VPN access, you need to make sure that the "Dial In" option in the AD Account information is set to "Allow" Dial up access, go into your AD Users and Computers and make sure that Dial In is allowed for whom ever you wish, that hopefully will fix your issue. Glenn -----Original Message----- From: Nicholas Palmer [mailto:NICK@xxxxxxxxxxx] Sent: Monday, October 27, 2003 11:51 AM To: [ISAserver.org Discussion List] Subject: [isalist] ISA RRAS/VPN and AD upgrade http://www.ISAserver.org Hi all, I've got what is hopefully a simple question. I had a Windows NT 4.0 Domain, with a Windows 2000 server running ISA. On this ISA server I had RRAS and VPN setup. This all worked fine. Well this weekend I upgraded my NT 4.0 domain to a Windows 2003 AD. Now, I can't VPN in any more. When a VPN client tries to connect, it says that it was unable to authenticate. If I look at the logs on my ISA server, it says that it was unable to contact the Authentication server. What do I need to get this back to working ? The RRAS is set to use Windows Authentication currently. I have tried installed IAS on my Domain controller and then changing RRAS to use RADIUS, but that didn't work either. I knew the AD upgrade would be a learning curve, but I was so happy with myself that the AD upgrade worked and all my internal desktops worked. Oh well, its always something ... Thanks Nick ____________________ Nicholas Palmer KCI Computing, Inc. (nick@xxxxxxxxxxx) 310.921.6222 ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gmaks@xxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')