In my previous post, I went through the steps on how to migrate your ISA 2006 to Forefront TMG 2010.
Although all steps ran smoothly and took less than an hour, one issue was left, which took a bit more investigation. The VPN dial-up connections did not work anymore. During the connection, the ISA Server logged some error messages:
- Source: NPS : % no domain controller is available %
- Source: RRAS: %user authentication policy is preventing communication with the system. This could mean some NPS policy has mismatched configurations…%
After digging into what NPS is (Network Policy Server), I found out the solution was rather simple:
* Open NPS Console : Start / Administrative Tools / Network Policy Server
* Select Servername, rightclick / Authorize in Active Directory
* This gives a message popup saying the NPS service is now able to accept incoming connections
And indeed, the next VPN test succeeded without issue.
‘till next time, /Peter
Posted
Mar 16 2010, 10:56 PM
by
Peter De Tender