Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » VPN Authentication Failure
  •  
frankxs

Messages: 85
Karma: 0
Send a private message to this user
Well, This is my first attempt to enable VPN in Winroute. Using KWF 6.2. I have a feeling I need some very basic help here. I set up the recommended rules and assigned IPs that do not conflict with my pub/priv address space. Below is a log created when I attempt to establish a VPN (admittedly, from within my private network, I'm assuming this should also work?)

Any advice appreciated. Says Authentication failure, but, I dunno...

-Frank

---------------------------------------
[19/04/2006 09:32:45] VPN driver opened, MAC = 44:45:53:54:70:08
[19/04/2006 09:32:45] VPN routing table monitor started
[19/04/2006 09:32:59] GUI: connecting to 'xxxxxxxx.xxxxxxxxxx.com'
[19/04/2006 09:32:59] D[VPN client] VPNClient[0001] - connecting to xxxxxxxx.xxxxxxxxxx.com:4090, username Administrator
[19/04/2006 09:32:59] D[VPN client] VPNClient[0001] - server name resolved - 172.22.1.3
[19/04/2006 09:32:59] D[VPN client] VPNClient[0001] - route to server added, gw = 172.22.1.5 (adapter 0x10003)
[19/04/2006 09:32:59] D[VPN client] VPNClient[0001] - local TCP address = 172.22.1.5:4669
[19/04/2006 09:32:59] D[VPN client] VPNClient[0001] - SSL connection successfully established
[19/04/2006 09:32:59] D[VPN SSL] Certificate checked, result = 0x00000895, revocation checking disabled in Internet Options
[19/04/2006 09:32:59] D[VPN client] VPNClient[0001] - sending VERSION message, version = 2
[19/04/2006 09:33:00] D[VPN client] VPNClient[0001] - received VERSION message, version = 2
[19/04/2006 09:33:05] Error (161): Authentication failed.
-----------------------------------------

******UPDATE*******
S*%t! I messed up. Sure enough, I was using the wrong password! Could have sworn it was right! (famous last words). Anyway, I got by the authentication error and now I am getting the following logfile... "Unable to add connection". Still working on it but not sure of which way to turn.

--------------------------------------
[19/04/2006 13:05:46] VPN driver opened, MAC = 44:45:53:54:70:08
[19/04/2006 13:05:46] VPN routing table monitor started
[19/04/2006 13:05:52] GUI: connecting to 'xxxxxxxx.xxxxxxxxxx.com'
[19/04/2006 13:05:52] D[VPN client] VPNClient[0001] - connecting to xxxxxxxx.xxxxxxxxxx.com:4090, username Administrator
[19/04/2006 13:05:52] D[VPN client] VPNClient[0001] - server name resolved - 172.22.1.3
[19/04/2006 13:05:52] D[VPN client] VPNClient[0001] - route to server added, gw = 172.22.1.5 (adapter 0x10003)
[19/04/2006 13:05:52] D[VPN client] VPNClient[0001] - local TCP address = 172.22.1.5:1184
[19/04/2006 13:05:52] D[VPN client] VPNClient[0001] - SSL connection successfully established
[19/04/2006 13:05:53] D[VPN SSL] Certificate checked, result = 0x00000895, revocation checking disabled in Internet Options
[19/04/2006 13:05:53] D[VPN client] VPNClient[0001] - sending VERSION message, version = 2
[19/04/2006 13:05:53] D[VPN client] VPNClient[0001] - received VERSION message, version = 2
[19/04/2006 13:05:54] D[Cipher] BLF[0/0]: generating blowfish parameters
[19/04/2006 13:05:54] D[Cipher] BLF[0/0]: allocated memory for blowfish cipher configuration.
[19/04/2006 13:05:54] D[Cipher] BLF[0/0]: blowfish parameters randomized
[19/04/2006 13:05:54] D[Cipher] BLF[0/0]: blowfish parameters generated
[19/04/2006 13:05:54] D[Cipher] BLF[0/0]: generating config message
[19/04/2006 13:05:54] D[Cipher] BLF[0/0]: generating config message
[19/04/2006 13:05:55] D[VPN client] VPNClient[0001] - received R_IPCONFIG message, IP = 10.1.1.2/255.255.255.0, CEP = 3600 s.
[19/04/2006 13:05:55] VPNClient[0001] - unable to add connection in driver, error -65518.
[19/04/2006 13:05:57] Error (104): Unable to add connection.
--------------------------------------

UPDATE... AGAIN!

Okay, got it working. Had to test from remote rather than local. It works. Now I can make a VPN connection using the local database for authentication.

Question, in order to see the network resources, is it necessary to be authenticated against the domain? My Kerio VPN server machine is a member of a W2K3 domain. I am only configured to authenticate against the Kerio local database at this time. Should the local database authentication allow me to see shares on the Kerio server itself??? I can't right now.

Would appreciate a reply.

-Frank

[Updated on: Fri, 21 April 2006 16:33]

  •  
frankxs

Messages: 85
Karma: 0
Send a private message to this user
feite wrote on Mon, 24 April 2006 19:03

See http://forums.kerio.com/index.php?t=msg&th=8920&star t=0&S=5422fccd5ab9476f5894859d69e6fe73
Cute. That is a link to the post that I made after I figured it out Laughing

-Frank
  •  
denver19

Messages: 1
Karma: 0
Send a private message to this user
frankxs wrote on Tue, 25 April 2006 05:02
feite wrote on Mon, 24 April 2006 19:03
See http://forums.kerio.com/index.php?t=msg&th=8920&star t=0&S=5422fccd5ab9476f5894859d69e6fe73
Cute. That is a link to the post that I made after I figured it out Laughing

-Frank


well really a cute one....
Previous Topic: 2 WAN Scenario problems, critical
Next Topic: KWF v6.7.1 HTTP Direct connection (without proxy) doesn't work
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Oct 19 09:00:16 CEST 2017

Total time taken to generate the page: 0.00397 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.