Hi to all,

L2TP over IPSec VPN works fine for me but with a strange problem.

I get the same error "Access denied because username and/or password is invalid on the domain" if for any reason the teleworker disconnected from VPN connection and change the IP from ISP, then try to connect again...

I use 3G connection (Vodafone) to connect to vigor 2930n but same thing happent also if I make a connection from a typical ADSL,connect to VPN,disconnect VPN,restart teleworker router to change IP and try to connect again to VPN.

If disconnect only the VPN connection and connected back again there are no errors.

I've tried almost all versions Smart VPN client that I found and had from the past without success.The latest one that I use is version 4.0.0.2

I found only one "tricky way" to solve temporary this problem.
Just mark & unmark the "PAP Authentication" at Smart VPN client

Vigor firmware version: 3.3.0

Any help will be appreciated !

Regards,
George

Dear All

I have managed, after a fashion, to fix the problem previously described.

Initially I checked the logs on the router and discovered that a message to the effect that "CHAP Authentication Failed" was being logged. I then tried enabling the "Authentication Method" and setting it to CHAP (on the client). This also failed.

I then upgraded the VPN client to 4.0.0.2 as suggested by Voodle. Still no luck, but enabling the "Authentication Method" and setting to CHAP then fixed the problem.

So, in summary the fix was to upgrade to 4.0.0.2 of the client and set the Authentication Method to CHAP (also on the client).

Regards

Paul

Dear Paul,

at my case this didn't help.

I use 4.0.0.2 last two weeks but every time that teleworker change IP..the same error with or without authentication, PAP or CHAP
Also, even without authentication, L2TP use CHAP by default.

So, for now I've change the whole 'project' from L2TP to SSL...

Thanks for the feedback!

Regards,
George

Hi,

This info may or may not help, but I've just got a 2830 and correctly configured 3x remote dial-in users and find, out of the 3x users configured one 1x always authenticates and successfully connects via VPN using L2TP with IPSEC. The other 2x always complain of an incorrect username/password not valid on the domain - this error is completely misleading and not really what is going on at all.

All my testing has been conducted from the same remote site connected via single fixed ADSL, to a central site where the router is located with a fix ISP IP address.

I'm going to play with the CHAP/MS-CHAP settings on both router and client to see if I can remove this issue.

Update on previous post.

The original posters error message is issued by windows pc's as a mask for completely different errors. I've had this message alot and it was ONLY related to issues with encryption algorythems selected NOTHING to do with username/password issues.