[isalist] Re: VPN Authentication w/Radius to Server 2008

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 10 Sep 2009 22:59:52 -0500

Hi Steven,


That is interesting. I haven't tested this scenario yet, but given how
easy it is to make work with Win2003 makes me wonder what is going on
with NPS. Microsoft is definitely not on the "ease of use" path these
days, so it might take some work to figure out what the problem is. I'll
put it on my list.





From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Steven Comeau
Sent: Thursday, September 10, 2009 8:55 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] VPN Authentication w/Radius to Server 2008


Our ISA 2006 box is not on the domain, so we use RADIUS to authenticate
VPN users against the Domain.  We've been successfully using RADIUS on a
Win2003 Server without issue for quite some time now, but I'm now
transitioning to Server 2008 and am having a bear of a time with
Authenticating users via VPN.  All seems to be fine on the actual RADIUS
server/client communication, but it appears that NPS on Server 2008 (the
IAS replacement) keeps giving me the 691 Error (bad username/password)
when I try to VPN.  It appears that NPS on Server 2008 can't
authenticate users against the Active Directory.


I know this isn't really an ISA issue, but if anyone has any help or
documents they can point me to, that would be excellent.  I've done the
MS one on adding the domain\ before the username, but that didn't solve
the issue.  Anyone have NPS configuration issues with VPN and experience
with solving them?




Steve Comeau

Associate Director of IT  Rutgers Athletics

83 Rockafeller Road

Piscataway, NJ  08854


732-445-4623 (fax)

www.scarletknights.com <http://www.scarletknights.com> 







***  This message contains confidential information and is
intended only for the individual named. If you are not the
named addressee, you should not disseminate, distribute or
copy this e-mail. Please notify the sender immediately by
e-mail if you have received this e-mail by mistake and delete
this e-mail from your system. E-mail transmission cannot be
guaranteed to be secure or error-free as information could be 
intercepted, corrupted, lost, destroyed, arrive late or
incomplete, or contain viruses.  The sender therefore does not
accept liability for any errors or omissions in the contents of
this message, which arise as a result of e-mail transmission.
If verification is required please request a hard-copy version.
Rutgers University - DIA
83 Rockafeller Road
Piscataway, NJ 08854
www.scarletknights.com *** 

PNG image

JPEG image

Other related posts: