Issues with MS RAS server

Daniel 81 Reputation points
2024-09-23T18:44:52.74+00:00

We are running Windows server 2019 with RAS role and have a second server that is Windows server 2019 with NPS role. We are experiencing problems with VPN connection for a group of users located in a different AD forest. These users are not able to authenticate and receive an error message:

 Can’t connect to VPN User Tunnel The remote access connection completed, but authentication failed because the certificate that authenticates the client to the server is not valid. Ensure that the certificate used for authentication is valid.

 

In event logs we see errors:

 

  • System   - Provider    [ Name]  RemoteAccess   - EventID 20271    [ Qualifiers]  0    Level 3    Task 0    Keywords 0x80000000000000   - TimeCreated    [ SystemTime]  2024-09-15T18:17:33.908487400Z    EventRecordID 13255841    Channel System    Computer VPN.domain.local    Security  - EventData    {74530D90-09AB-0007-E3A7-6074AB09DB01}    user@domain.com    IP ADDRESS    The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.    0x70    2C030000  -------------------------------------------------------------------------------- Binary data: In Words 0000: 0000032C     In Bytes 0000: 2C 03 00 00               ,... Currently rebooting both servers help with solving the issue. 
Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,809 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,289 questions
Windows Server Infrastructure
Windows Server Infrastructure
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Infrastructure: A Microsoft solution area focused on providing organizations with a cloud solution that supports their real-world needs and meets evolving regulatory requirements.
553 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Daisy Zhou 25,681 Reputation points Microsoft Vendor
    2024-09-25T08:01:40.1333333+00:00

    Hello Daniel,

    Thank you for posting in Q&A forum.

    Make sure you have configured the certificate correctly, here is a similar issue for your reference:

    Always On VPN (IKEv2) suddenly stopped working. - Microsoft Q&A

    And you said reboot both server solving the issue, will this issue happen again?

    If it happens again, how is the network connectivity between the 2 servers? Please check the network connectivity between the 2 servers

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.