SBS 2003/ISA 2004 outgoing pptp error 628

Discussion in 'Windows Small Business Server' started by Wes, Aug 27, 2005.

  1. Wes

    Wes Guest

    I've been looking for a solution for a couple of weeks here and on other
    forums.
    I can pptp from outside into the server network just fine. But I can't pptp
    out. There is no hardware router in this network.

    I can successfully pptp into the destination networks just fine from other
    networks so I'm sure it is not the destination end issue.

    I get an error 628 immediately when trying to connect. I have access to 2
    sbs 2003/isa 2004 networks and have the same thing happen from both. Again,
    it doesn't appear to have anything to do with the external destination
    networks - and I've tried several.

    ISA 2004 has the going pptp rule set up and it looks ok.


    Wes
     
    Wes, Aug 27, 2005
    #1
    1. Advertisements

  2. Wes

    Wes Guest

    I did some additional investigation in the security event log on the
    destination server and this is what I found:

    The log entry has SYSTEM as the user whereas a successfull attempt has the
    actual user name entered in the PPTP connection. Also, the authentication
    package is different. I used default settings in both cases where I set up
    the outgoing pptp connectoid.

    The text of the login entry for the UNSUCCESSFUL attempt (SBS2003/ISA2004
    origination) is as follows:

    Successful Network Logon:
    User Name: DESTSERVER$
    Domain: DESTDOMAIN
    Logon ID: (0x0,0x9C13C46)
    Logon Type: 3
    Logon Process: Kerberos
    Authentication Package: Kerberos
    Workstation Name:
    Logon GUID: {stuff here}
    Caller User Name: -
    Caller Domain: -
    Caller Logon ID: -
    Caller Process ID: -
    Transited Services: -
    Source Network Address: 192.168.5.2
    Source Port: 29222


    The text of the login entry for the SUCCESSFUL attempt (from a mpm
    SBS2003/ISA2004 origination) is as follows:

    Successful Network Logon:
    User Name: username
    Domain: DOMAIN
    Logon ID: (0x0,0x9C1803B)
    Logon Type: 3
    Logon Process: IAS
    Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
    Workstation Name:
    Logon GUID: -
    Caller User Name: DOMAINSRV$
    Caller Domain: DOMAIN
    Caller Logon ID: (0x0,0x3E7)
    Caller Process ID: 1500
    Transited Services: -
    Source Network Address: -
    Source Port: -
     
    Wes, Aug 27, 2005
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.