RE: RRas has died; usual fixes not working; no vpn capability
- From: "Steve Moffat" <steve@xxxxxxxxxx>
- To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 5 May 2005 21:06:01 -0300
Has SP1 been installed?
S
-----Original Message-----
From: jlyon [mailto:jlyon@xxxxxxxxxxxxx]
Sent: Thursday, May 05, 2005 5:20 PM
To: ISA Mailing List
Subject: [isalist] RRas has died; usual fixes not working; no vpn
capability
http://www.ISAserver.org
Please read through.....have already tried usual fixes ISA 2000
2 servers at this location both member servers Both have correct DNS
entries PPTP connectons No IAS installed or ever used VPN access
restircted to a domain user group
was on a nt4 domain
upgraded PDC to 2003 AD a month ago
NO group policies have been configured on the domain.
no problems at all - vpn users never had an issue Out of the blue vpn
clients get the dreaded 930 error saying authentication server did not
respond to authentication requests in a timely fashion.
Occurring with both servers
Have compared to other servers and RRAS Auth and Encryption settings are
correct (unchanged for over 3 years).
both servers ARE in the RAS and IAS user group on the DC.
The RRAS log file path is default and is valid The goups Domain Admins;
domain users and everyone are in the GP policy for "Acessing this
computer from the network" on the DC as one pointer suggested.
A 3rd server on a separate subnet that has an NT 4BDC local to it allows
vpn just fine. This paticular subnet has not gone through the upgrade
process yet.
I promise you guys, I have searched till I have ran out of things to
try.
The only other thing that ocurred near same time as this failure began
was that one of our other subnets (not involved in the scenario
mentioned above...thus far) had it's NT4 BDC updgraded to AD). I see no
connectoin with the upgrade and the RRAS failing, but wanted to make
mention of everything I know.
When I run DCDIAG on the DC's I get a pass on every single test.
Replication is working.
Any ideas would be more welcome than you could imagine.
-John
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
The correct technical term for haggis stalking is "havering".
Other related posts:
