While using VPN services this is another issue that by which the users usually get troubled. The client gets connected to the VPN server but did not able to log on to the servers. This issue is encountered by many people and makes them feel annoyed, as even after getting connected they would not be able to get access to the VPN services. There can be several possible causes for this problem but here we would like to discuss three major causes that are responsible for this issue.
1. Configuration of the domain and server accounts
Configuration of the server as a domain controller requires the dial-in permission for the domain account of the user. A user gets authenticated in two ways: (1) using a local account on Remote access server, (2) by implementing a registry edit. In both cases, your account must have permission to dial in.
2. Configuration of computer accounts
If the client system is working on a newer version of windows, then before testing the connection simply create a new account for the computer in the server manager. Now if there exists a computer account already and the system is offline for a long time, then the password on the Primary domain controller can be different from the client. You can simply delete the old account and create a new one to get rid of this problem.
3. Client authentication negotiated
The PPTP users are authenticated by three types of protocols by a Remote access server. These are :
- Password Authentication Protocol (PAP)
- Challenge Handshake Authentication Protocol (CHAP)
- Microsoft Challenge Handshake Authentication Protocol (MSCHAP)
The negotiation completely depends on the incoming VPN ports of the server and the network settings related to the PPTP connection of the client.
The options that are available to be configured on the server and the client are:
- All types of authentication are allowed including clear texts. The server uses the PAP, CHAP, and MSCHAP for authenticating the client requests.
- Allow Encrypted authentication. Server uses MSCHAP, DES for authentication.
- Allow only Microsoft Encrypted authentication. The server uses only MSCHAP for authentication.
Other than the above troubleshooting tricks, you can also check the windows event viewer security log to check out if everything is ok with the accounts and the passwords. Also, you can have a look at the available VPN ports.
Conclusion
In this article, we have tried to troubleshoot the major issue ‘client connected but failed to login’ which causes problems in accessing the services while using a VPN connection. You can implement the above ways to get rid of this problem and can enjoy your VPN services.