No announcement yet.

configure VPN using RRAS

  • Filter
  • Time
  • Show
Clear All
new posts

  • configure VPN using RRAS


    we have SonicWall device and I am trying to configure Windows 2003 RRAS VPN.

    The server has one network card, and RADIUS is already configured. How do I
    configure RRAS VPN, so that domain users are able to VPN into the domain.

    Right now, when I configure everything, I get an error 649. And I have
    checked that error out - it would seem that somewhere in the configuration
    something is wrong.


  • #2
    Re: configure VPN using RRAS

    Error 649 is the Account does not have permission to dial-in. Have you configured dial-in permissions for the user in Active Directory and/or setup a VPN users remote access policy?

    To verify this open up Active Directory Users and Computers, open the users properties and go to the dial-in tab. By default this will be either Deny, or Control Access through Remote Access Policy. This depends on Domain Funtional Level, you need to be Windows 2000 Native or Windows Server 2003 for the Control Access via Remote Access Policy option to become available.

    If you have setup a policy I'd set it to allow for testing purposes, and then verify you can connect. If you can, the policy is the culprit.
    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
    Cruachan's Blog


    • #3
      Re: configure VPN using RRAS

      When you create an AD user on the dial-in tab the default selection is control through remote access policy. In RRAS the default access policy is to deny remote connections so I would check the policy first if you didn't change the defaults.