Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows RRAS PPTP VPN Connection issues error 691


16 Feb 2012   #1

windows 7 32/64, server 2003/2008, windows XP
 
 
Windows RRAS PPTP VPN Connection issues error 691

Hello and thanks in advance for any help.

I have a small office network with only a couple servers, and even fewer workstations. We have WiFi and cabled Ethernet, and are running a Verizon Fios internet connection. I have setup a RRAS (routing and remote access) server, and established the VPN.

I can connect to the VPN with no errors or problems via the internal network. When I attempt to connect to the VPN via an internet connection it fails with error 691.

I can see the traffic via the router logs. I can also see errors in the RRAS servers event viewer, so I know that the connection is being made, but for some reason authentication is failing.

All the settings are the same for both connections, and I am using the same user name and password for both connections as well.

How can the authentication fail connecting to the same VPN, using the same method, just having the data go two different directions? PLEASE HELP!

thanks again.


My System SpecsSystem Spec
.

16 Feb 2012   #2

Windows 7 Ultimate x64
 
 

Hello,

Have you looked at the following:
"Error 691" or "Error 734" When You Attempt to Establish a Dial-Up Connection in Windows XP

Also, can you verify that the networks are on different IP Ranges, as this is required for VPN Connectivity to work correctly.

Can you give us some more information on the RRAS Errors?


Dave
My System SpecsSystem Spec
16 Feb 2012   #3

windows 7 32/64, server 2003/2008, windows XP
 
 

I'm not sure if it makes a difference, but I suppose I should have mentioned: the RRAS server is a 2008 Datacenter machine, and I am connecting using a windows 7 64bit machine.

as far as different IP ranges, I'm not sure what you mean? The RRAS server is configured to assign IPs via DHCP, from about 10.11.12.245 - 10.11.12.250 for the VPN connections. All the machines running on the network are using 10.11.12.92 or lower.

When connecting via the internet the RRAS server sees a connection from our outside IP which is a totally different network. This is expected, and should be fine as far as I know.

The errors I am seeing in the RRAS server event viewer are:

WARNING: Event ID 20271 Source: RemoteAccess

The user Domain.Name\UserName connected from 108.38.87.252 but failed an authentication attempt due to the following reason: The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.

AND

ERROR: Event ID 20255 Source:RemoteAccess

The following error occurred in the Point to Point Protocol module on port: VPN2-127, UserName: Domain.Name\UserName. The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.

The reason I am confused by these errors, is that I am using the exact same settings and user account to log in via our LAN, but I can not connect from outside the network. I know the port forwarding is working fine, because I see the traffic in the router Logs, and the connection is established, it just doesn't authenticate.

Thanks again for your help!
My System SpecsSystem Spec
.


17 Feb 2012   #4

Windows 7 Ultimate x64
 
 

Hello,

Sorry I was getting confused with a site-to-site VPN, you can ignore my IP comment.

The errors do point to a configuration error within RRAS. Do you have any IP ACL's? Also, does the user account have the correct permissions on the "Dial-In" tab within Active Directory?


Dave
My System SpecsSystem Spec
18 Feb 2012   #5

windows 7 32/64, server 2003/2008, windows XP
 
 

The errors definitely point to a configuration error, however I am using the EXACT same settings, minus the server name, to connect from inside the LAN.

I am able to connect to the VPN from inside the LAN.
It is only when trying to connect from outside the LAN, that I am having any trouble.
I am using the same User account and Password (which should work from outside the LAN, if it works from inside).
I am also using the EXACT same security/authentication settings.

The only reason I'm am using a different server name, is that our internal DNS is not public, so I am using DynDNS to send traffic to our outside router, and it is forwarded from there to the server. This is fine, the VPN traffic is getting to the server, and the server is responding, it's just not authenticating.

We are not using ACLs or any complicated Firewall settings (this is a very small office network), and since I can log in using my account from inside the LAN, the problem is not the account I am using. The problem is somewhere in RRAS, but I don't see how it can be a configuration error, if I can log in via the LAN using the exact same settings that I am trying to connect with Via an outside connection.
My System SpecsSystem Spec
18 Feb 2012   #6

windows 7 32/64, server 2003/2008, windows XP
 
 

I Have Resolved The Issue!

All I did was leave the domain name blank for the outside connection.
I entered just the Username and Password, and clicked connect, and it finally connected. Don't know why the Domain Name would cause this, especially since it works with the domain entered for the LAN connection.

Thanks For your help Dave.

Hope this helps someone else someday...
My System SpecsSystem Spec
19 Feb 2012   #7

Windows 7 Ultimate x64
 
 

Well done for resolving the issue (Y) and thank you for confirming the solution!


Dave
My System SpecsSystem Spec
Reply

 Windows RRAS PPTP VPN Connection issues error 691




Thread Tools



Similar help and support threads for2: Windows RRAS PPTP VPN Connection issues error 691
Thread Forum
Pptp connection created but no traffic passing Network & Sharing
Windows 7 network connection issues Network & Sharing
How Can I share VPN Internet with incoming VPN connection (pptp) ? Network & Sharing
Possible to deploy a PPTP connection with a script Network & Sharing
PPTP VPN Connection won't connect 619 error Network & Sharing
Slow network copy over PPTP VPN connection Network & Sharing
RRAS VPN to Win 2008 Network & Sharing

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 03:58 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33