Log in with Dial-Up networking error -- EAP-TLS

I have a 2003 Server configured with RRAS/IAS accepting PPTP connections.
From the desktop, I can VPN in just fine (this is using Connection Manager
with the sample Quarantine Access Control scripts), however, from the
CTRL-ALT-DEL screen I'm getting this error:

798 - A certificate could not be found that can be used with this Extensible
Authentication Protocol.

I have a machine certificate ("Client Authentication") so I'm unsure as to
why it isn't picking this up. RRAS is set to use EAP-TLS ("Smartcard or
Other Certificate"). I am not using Smartcards, but rather auto-enrolled
certs.

Any ideas where to start?

Hi Trevor,

The following may be what you are looking for:

http://groups.google.com/group/micro...2e5706f96a63e6


"Trevor Seward" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I have a 2003 Server configured with RRAS/IAS accepting PPTP connections.
>From the desktop, I can VPN in just fine (this is using Connection Manager
>with the sample Quarantine Access Control scripts), however, from the
>CTRL-ALT-DEL screen I'm getting this error:
>
> 798 - A certificate could not be found that can be used with this
> Extensible Authentication Protocol.
>
> I have a machine certificate ("Client Authentication") so I'm unsure as to
> why it isn't picking this up. RRAS is set to use EAP-TLS ("Smartcard or
> Other Certificate"). I am not using Smartcards, but rather auto-enrolled
> certs.
>
> Any ideas where to start?
>

Unlike that poster, I have no problem VPNing from the desktop, only from the
CTRL-ALT-DEL screen. WPA Enterprise also works fine with
User-reauthentication.

The certificate is just the Common Name (as is the CA cert -- same server)
in IAS/RRAS.


"Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote in
message news:(E-Mail Removed)...
> Hi Trevor,
>
> The following may be what you are looking for:
>
> http://groups.google.com/group/micro...2e5706f96a63e6
>
>
> "Trevor Seward" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>>I have a 2003 Server configured with RRAS/IAS accepting PPTP connections.
>>From the desktop, I can VPN in just fine (this is using Connection Manager
>>with the sample Quarantine Access Control scripts), however, from the
>>CTRL-ALT-DEL screen I'm getting this error:
>>
>> 798 - A certificate could not be found that can be used with this
>> Extensible Authentication Protocol.
>>
>> I have a machine certificate ("Client Authentication") so I'm unsure as
>> to why it isn't picking this up. RRAS is set to use EAP-TLS ("Smartcard
>> or Other Certificate"). I am not using Smartcards, but rather
>> auto-enrolled certs.
>>
>> Any ideas where to start?
>>
>
>

Okay then I would suggest you post your issue to the following:
microsoft.public.internet.radius . I think you'll get more responses.


"Trevor" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Unlike that poster, I have no problem VPNing from the desktop, only from
> the CTRL-ALT-DEL screen. WPA Enterprise also works fine with
> User-reauthentication.
>
> The certificate is just the Common Name (as is the CA cert -- same server)
> in IAS/RRAS.
>
>
> "Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote in
> message news:(E-Mail Removed)...
>> Hi Trevor,
>>
>> The following may be what you are looking for:
>>
>> http://groups.google.com/group/micro...2e5706f96a63e6
>>
>>
>> "Trevor Seward" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>>I have a 2003 Server configured with RRAS/IAS accepting PPTP connections.
>>>From the desktop, I can VPN in just fine (this is using Connection
>>>Manager with the sample Quarantine Access Control scripts), however, from
>>>the CTRL-ALT-DEL screen I'm getting this error:
>>>
>>> 798 - A certificate could not be found that can be used with this
>>> Extensible Authentication Protocol.
>>>
>>> I have a machine certificate ("Client Authentication") so I'm unsure as
>>> to why it isn't picking this up. RRAS is set to use EAP-TLS ("Smartcard
>>> or Other Certificate"). I am not using Smartcards, but rather
>>> auto-enrolled certs.
>>>
>>> Any ideas where to start?
>>>
>>
>>
>
>