Remote user doesnt have permission to dial in , after installing RADIUS 2003 Server

Hello, I have an issue I cant seem to be able to resolve. Any input
provided is highly appreciated.

I recently setup a CA / Radius server in order to verify wireless
clients. However, now vpn clients cannot dial in to the network ( VPN
) Only way I can get the users to dial in is by specifically granting
them dial up access via their userID in active directory users. If I
select control access viia remote access policies, it doesnt work. The
user gets the error " remote user doesnt have permission to dial in"



Radius is working since my wireless clients are succesfully
authenticating against it.


I am wondering if I have to change anything on the RAS for this to
work?

Btw, in the radius user, theres already a preconfigured allowed VPN
access. The group to which the user belong has already been added to
the allowed list.


thank you.

El CiD <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

>
>
> Hello, I have an issue I cant seem to be able to resolve. Any input
> provided is highly appreciated.
>
> I recently setup a CA / Radius server in order to verify wireless
> clients. However, now vpn clients cannot dial in to the network ( VPN
> ) Only way I can get the users to dial in is by specifically granting
> them dial up access via their userID in active directory users. If I
> select control access viia remote access policies, it doesnt work. The
> user gets the error " remote user doesnt have permission to dial in"
>
>
>
> Radius is working since my wireless clients are succesfully
> authenticating against it.
>
>
> I am wondering if I have to change anything on the RAS for this to
> work?
>
> Btw, in the radius user, theres already a preconfigured allowed VPN
> access. The group to which the user belong has already been added to
> the allowed list.
>
>
> thank you.
>
>
>

Hi there --

Probably because you installed IAS, RRAS no longer processes connection
requests. To fix this, configure the VPN server as a RADIUS client on the
IAS server (and configure the RRAS server to use RADIUS authentication and
to use the IAS server as the authenticating server) and also create one or
more remote access policies in IAS that allow VPN access (just copy
whatever policies you originally created in RRAS).

--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no rights.

thank you!



On Wed, 24 Oct 2007 12:52:06 -0700, "James McIllece [MS]"
<(E-Mail Removed)> wrote:

>El CiD <(E-Mail Removed)> wrote in
>news:(E-Mail Removed) :
>
>>
>>
>> Hello, I have an issue I cant seem to be able to resolve. Any input
>> provided is highly appreciated.
>>
>> I recently setup a CA / Radius server in order to verify wireless
>> clients. However, now vpn clients cannot dial in to the network ( VPN
>> ) Only way I can get the users to dial in is by specifically granting
>> them dial up access via their userID in active directory users. If I
>> select control access viia remote access policies, it doesnt work. The
>> user gets the error " remote user doesnt have permission to dial in"
>>
>>
>>
>> Radius is working since my wireless clients are succesfully
>> authenticating against it.
>>
>>
>> I am wondering if I have to change anything on the RAS for this to
>> work?
>>
>> Btw, in the radius user, theres already a preconfigured allowed VPN
>> access. The group to which the user belong has already been added to
>> the allowed list.
>>
>>
>> thank you.
>>
>>
>>
>
>Hi there --
>
>Probably because you installed IAS, RRAS no longer processes connection
>requests. To fix this, configure the VPN server as a RADIUS client on the
>IAS server (and configure the RRAS server to use RADIUS authentication and
>to use the IAS server as the authenticating server) and also create one or
>more remote access policies in IAS that allow VPN access (just copy
>whatever policies you originally created in RRAS).