Monday, 9 March 2009

MS PPTP VPN server with linux

I've been tearing my hair out for the last 8 working hours trying to get my Ubuntu Hardy VPN helper to connect me to a Windows 2003 PPTP service.

A windows PC would connect fine, but my linux clients would all fail, generating this message in the Windows server Event log: "You do not have permission to connect using the selected authentication protocol."

I'd done what I could to make sure my RAS policies specified MSCHAP, MSCHAPv2 and had EAP disabled (I had no certs and was fed up of RAS failing for lack of them). My linux clients were also selected to use only MSCHAP and MSCHAPv2 - but still no joy!

The final missing tip was the last post at: http://www.eggheadcafe.com/forumarchives/Windows2000ras_routing/Jan2006/post25331080.asp
where it seemed that I had to make sure the RAS servers own authentication methods matched (or probably were a superset of) the authentication methods of the policy. Once that was fixed, it all worked fine.

While I was there I also set the correct adaptor for use by DHCP/DNS/WINS as I only have one active adaptor anyway!

No comments:

Post a comment