G-Stress Posted January 23, 2012 Posted January 23, 2012 About to seriously pull out hair that I don't have! I've been working on this for the past hour and a half looking at YouTube how-to's trainsignal vid's, etc. For some weird reason even I'm testing locally right now once I get it working locally I'm sure it will work remotely. I've created my polices with NPS, removed polices, created new one's, modified policies, registered NPS with AD. As far as the user accounts go I've set to Allow dial in access and I've tried even setting to control access through NPS. I've unticked the box in the policy to ignore user's dial in properties, so it should work right? Wrong. This has got me pretty frustrated, because working with NPS seems easy and looking at the log file I wasn't able to make much sense of any error's there. However I did see in the event viewer in the network policy access events that "user account USER connected on port PORT, but does not have remote access privileges. I don't understand how that is if I have granted access to the user account? The funny thing is the default Admin account connects just fine. Looking at and comparing the user attributes to a second admin account I've created the only difference is a few groups that the secondary account does not belong to. My goal is to create a working PPTP VPN connection and Radius authentication for wireless. Neither are working. As far as Radius goes every vid and learning module I've watched always used certificate services and joined the machines to the domain. Can this be done without using certificates and joining the pc to the domain? Quote
Infiltrator Posted January 24, 2012 Posted January 24, 2012 Read through this thread, it should help you out with your problem. http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/62c382fc-ebf8-4c69-9569-5cda792a19bf/ Quote
G-Stress Posted January 24, 2012 Author Posted January 24, 2012 I actually saw this link while searching that night and tried everything as listed here to no success, I just forgot to mention it. I was just so frustrated. NPS is a pain! Read through this thread, it should help you out with your problem. http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/62c382fc-ebf8-4c69-9569-5cda792a19bf/ Quote
Infiltrator Posted January 25, 2012 Posted January 25, 2012 Could you provide a copy of those log files for us? Quote
G-Stress Posted January 27, 2012 Author Posted January 27, 2012 I figured it out. After hours of frustration, but now I am documenting everything. As far as the fix for anyone interested I should have tried to connect after each change I made, but it was either... 1. Symantec Endpoint Protection in the Network and Sharing Center -> Network Connections -> Advanced -> Advanced Settings -> Provider Order tab and what I did was arrow up the Microsoft Windows Network to be first in line. Prior it was set for Symantec SNAC network provider order. or 2. A Network policy (after the many many many that I've created and modified) that the only difference is in the Conditions I added authentication type MS-CHAP v1 & v2, v1,v2 CPW and EAP and the only Constraint I added was Microsoft Secured Password (EAP-MSCHAP v2). Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.