Thomas Shinder Blog RSS

All Blogs  »  Thomas Shinder Blog  »  News ISA Central  »  Blog article: NTLMv2 and ISA Firewall VPN Services - The Solution

NTLMv2 and ISA Firewall VPN Services - The Solution

Great post from Jason Jones on the ISAserver.org Web boards:

Thought this info may be of use…

Had an issue today with ISA VPN authenticating to domain controllers that are configured to only accept NTLMv2. This was a problem as MSCHAP and MSCHAP2 only use NTLMv1 by default and hence you cannot autenticate to an ISA VPN conection as the DC’s refuse the credentials.

This can be fixed with Win2k3 SP1 by adding a reg key on the ISA server and restarting the RRAS service. RRAS can then use NTLMv2 allowing successful VPN auth…hurrah!! s4

http://support.microsoft.com/kb/893318/en-us

Cheers

JJ

_____________________________

Jason Jones - Silversands - http://www.silversands.co.uk

Thanks Jason! Great tip.

HTH,

Tom

Thomas W Shinder, M.D.

Site: www.isaserver.org

Blog: http://blogs.isaserver.org/shinder/

Book: http://tinyurl.com/3xqb7

MVP — ISA Firewalls

This entry was posted on Wednesday, May 17th, 2006 at 12:49 pm and is filed under News, ISA Central. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 5 chars within 0..9 and A..F, and submit the form.

  

If CAPTCHA image is missing or you cannot read the characters above, please generate a




Receive all the latest articles by email!

Receive Real-Time & Monthly ISAserver.org article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become an ISAserver.org member!

Discuss your ISA Server issues with thousands of other ISA Server experts. Click here to join!

Solution Center