Hello I'm having trouble creating a VPN tunnel to my Windows server from a Advantech router.
I'm trying to make a VPN PPTP connection from a Advantech ICR-2431W router to my Windows server 2016 server. The Windows server is in this case the VPN server and the router client. The problem I have is with the authentication part of the connection. This connection works with a SIM card over 4G. Before I was using Teltonika routers but these routers does not have some options that I need what the Advantech does have.
Error from Windows server
CoId={NA}: The user **** connected from 127.0.0.1 but failed an authentication attempt due to the following reason: The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.
Where **** is the username located and I changed the IP address for privacy.
Findings:
Advantech supports PPTP.
Advantech only supports CHAP authentication.
What I tried:
I tested if the SIM card has internet and is allowed to make a VPN connection. This I have done by putting the SIM card in another router (Teltonica RUT 360) and this works flawless. Within a couple of minutes of turning the Teltonika on I have a stable VPN connection to my server.
I tried the multible VPN accounts on both routers, as expected all the accounts work fine on the Teltonika but not on the Advantech.
In my Windows server I tried turning on every CHAP setting I could find. These where in NPS (Network Policy Server) and in Routing and Remote Access. This did nothing to the Advantech router or the existing Teltonika accounts/routers.
I tried after the previous point failed to turn off every MS-CHAP setting so that the server only accepts CHAP authentication. This resulted in again that Advantech just wouldn't work but now the existing Teltonika accounts/routers wouldn't connect anymore
The only thing I could get to work is when I turned on unauthentication in the settings. This isn't an option for me for obvious reasons.
If anyone has any idea what could cause this problem or if I missed anything.