Cannot connect to a VPN server - authentication failed with error code 691

Posted by stacker on Server Fault See other posts from Server Fault or by stacker
Published on 2010-12-29T13:30:53Z Indexed on 2011/11/26 1:53 UTC
Read the original article Hit count: 763

When trying to connect to a VPN server, I get the 691 error code on the client, which say:

Error Description: 691: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server.

I validated that the username and password are correct. I also installed a certification to use with the IKEv2 security type. I also validated that the VPN server support security method.

But I cannot login. In the server log I get this log:

Network Policy Server denied access to a user.

The user DomainName\UserName connected from IP address but failed an authentication attempt due to the following reason: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server.

Any idea of what can I do? Thanks in advance!

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          12/29/2010 7:12:20 AM
Event ID:      6273
Task Category: Network Policy Server
Level:         Information
Keywords:      Audit Failure
User:          N/A
Computer:      VPN.domain.com
Description:
Network Policy Server denied access to a user.

Contact the Network Policy Server administrator for more information.

User:
  Security ID:          domain\Administrator
  Account Name:         domain\Administrator
  Account Domain:           domani
  Fully Qualified Account Name: domain.com/Users/Administrator

Client Machine:
  Security ID:          NULL SID
  Account Name:         -
  Fully Qualified Account Name: -
  OS-Version:           -
  Called Station Identifier:        192.168.147.171
  Calling Station Identifier:       192.168.147.191

NAS:
  NAS IPv4 Address:     -
  NAS IPv6 Address:     -
  NAS Identifier:           VPN
  NAS Port-Type:            Virtual
  NAS Port:         0

RADIUS Client:
  Client Friendly Name:     VPN
  Client IP Address:            -

Authentication Details:
  Connection Request Policy Name:   Microsoft Routing and Remote Access Service Policy
  Network Policy Name:      All
  Authentication Provider:      Windows
  Authentication Server:        VPN.domain.home
  Authentication Type:      EAP
  EAP Type:         Microsoft: Secured password (EAP-MSCHAP v2)
  Account Session Identifier:       313933
  Logging Results:          Accounting information was written to the local log file.
  Reason Code:          16
  Reason:               Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.

© Server Fault or respective owner

Related posts about vpn

Related posts about windows-server-2008-r2