AuthClient # 0 (xx.xx.xx.x): GetCH: Alloc for user name fail

Bordermanager 3.9 on Netware 6.5 SP8

Configured VPN server and Client to Site service.

When a client attempts to connect, the following error is displayed:
"Authentication gateway failed to verify entered parameters." "A general
error was reported by the authentication gateway."

The log shows the following:

A connection was opened for a VPN client at address xx.xx.xx.x.
2011-07-05 09:34:56	VPN client user name at address xx.xx.xx.x is
xxxxxxxxxxxxx.
2011-07-05 09:34:56	AuthClient # 0 (xx.xx.xx.x): GetCH: Alloc for user
name failed.
2011-07-05 09:34:58	Connection closed for the VPN client at address
xx.xx.xx.x.

Any help would be appreciated.

Thank You,
Jason Rothwell


-- 
jrothwell
------------------------------------------------------------------------



0
jrothwell
7/5/2011 3:36:01 PM
novell.bordermanager.vpn 2677 articles. 0 followers. Follow

1 Replies
723 Views

Similar Articles

[PageSpeed] 45

On 05/07/11 17:36, jrothwell wrote:
>
> Bordermanager 3.9 on Netware 6.5 SP8
>
> Configured VPN server and Client to Site service.
>
> When a client attempts to connect, the following error is displayed:
> "Authentication gateway failed to verify entered parameters." "A general
> error was reported by the authentication gateway."
>
> The log shows the following:
>
> A connection was opened for a VPN client at address xx.xx.xx.x.
> 2011-07-05 09:34:56	VPN client user name at address xx.xx.xx.x is
> xxxxxxxxxxxxx.
> 2011-07-05 09:34:56	AuthClient # 0 (xx.xx.xx.x): GetCH: Alloc for user
> name failed.
> 2011-07-05 09:34:58	Connection closed for the VPN client at address
> xx.xx.xx.x.
>
> Any help would be appreciated.
>
> Thank You,
> Jason Rothwell
>
>


1. Verify it is bm39sp2_ir1 at server
2. Verify it is vpn client 3.9.3
3. Verify that an authentication and traffic rule has been created
4. Check csaudit log for more detail info of the error
5. Enable nmas trace on vpn server and see if any error is reported.
0
Mysterious
7/6/2011 7:34:51 AM
Reply:

Similar Artilces:

/MH-xx.xx.xx.xx
I use Verizon DSL and they require a username/password to use their outgoing smtp server. Too many hosts reject my e-mail because of my dynamic IP. Does GW6.5 allow a username/pswd combo to log in to an ISP's SMTP server? Hi, Tried looking at the Dial-up settings on the SMTP tab of the GWIA properties? Mike > I use Verizon DSL and they require a username/password to use their outgoing > smtp server. Too many hosts reject my e-mail because of my dynamic IP. > Does GW6.5 allow a username/pswd combo to log in to an ISP's SMTP server? > > Michael...

Construction of SA failed for peer xx.xx.xx.xx
Hi, We use BM37 for site-to-site VPN. On the slave's audit log, we got such message: (SKIP) Constuction of SA failed for peer xx.xx.xx.xx The IP adress is the ip of hosts behind the vpn slave. The audit message has explanation: "IPSEC failed to set up a Security Association with the indicated connection causing packets to be dropped.", and has Action suggestion: check for possible out of memory conditions. The server we used is a brand new with a few GB RAM. The action seems making no senses for me. I tried to search the KB, found nothing. Any sugges...

zisedit DNSServer1=xx.xx.xx.xx
I recently installed the Zenworks 7 SP1 HP2 and modified the bootcd for our environment. I use a script to change the ZISD on the machine, this is the tail end of my past script for setting the DNS Servers: zisedit DNSServerCount=4 zisedit DNSServer1=35.8.208.41 zisedit DNSServer2=35.8.2.41 zisedit DNSServer3=35.8.2.42 zisedit DNSServer4=35.8.98.43 This worked fine without HP2. However, when using the HP2 bootcd `zisedit DNSServer1=35.8.208.41` outputs the error: Unknown parameter (0): 'DNSServer1=35.8.208.41' I've been searching through forums and even the or...

421 4.7.0 [TS02] Messages from xx.xx.xx.xx temporarily deferred due to user complaints
--____QNBRMLBZKGHSTVVBHGKM____ Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline; modification-date="Sat, 11 Apr 2008 04:50:38 -0400" We are running GW 7.0.1. We have been seeing this error for about 3 days. = Does anyone have any idea if there is anything I can do to stop these = errors? It is causing our customer service problems discussing customer = instructions. This can cause us to miss deadlines or to make mistakes. 03:18:20 326 DMN: MSG 45893 Send Failure: 421 4.7.0 [TS02] Messages from = ...

(SKIP) Construction of SA failed for peer xx.xx.xx.xx
I am trying to setup a new SITE to SITE VPN connection. Yesterday, SBC installed SBC Yahoo DSL. I told the installer that I did not want DHCP, filters, or NAT, so he suggested I used a bridge and not a router for the service. He installed an Efficient Networks SpeedStream 5360. Internet service is working and the BM 3.7 proxy server is working for HTTP. My problem: When trying to establish a connection for the Site to Site, the Slave server reports: Audit Log: (SKIP) Construction of SA failed for peer 68.xx.xx.xx Info: IP Security Error 284 IPSEC fa...

(SKIP) Construction of SA failed for peer xx.xx.xx.xx #2
Hi, some time ago i tested VPN server to server connection, for server with address 172.22.81.189(Master1) it was OK. Than I removed VPN configuration on Slave1 server and from NWAdmin on Master(172.22.81.189). Today I created VPN server to server with same server which was Slave before, but now it is a Master2 server. I have also new Slave2 server and when I look in Audit via NWAdmin there are lines (SKIP) Construction of SA failed for peer 172.22.81.189 but this server is no longer member of this VPN !!! Could somebody tell me wher could be this info saved? Thanks Ale...

Send Failure: 421 mails from xx.xx.xx.xx refused: local dynamic IP address xx.xx.xx.xx
--____WVRGWAXLCBHMONRQBWTO____ Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline; modification-date="Wed, 5 Jun 2007 06:54:16 -0400" We are running GW 7.01 and have been for about 3 months. This problem = first surfaced about 2 weeks ago. Our dns records are correct, but this = one ISP that hosts email for several of our customers is rejecting our = mail for the above reason. They are claiming we have an invalid configurat= ion, but no one else rejects email from us because of this. They claim we = ...

DHCP client <x:x:x:xx:xx:xx> did not select this server
Moving DHCP from NW6-SP4 to NW65-SP2. When new server loads service we are getting "DHCP client <x:x:xx:xx:xx:xx> did not select this server". Workstations Windows XP SP1 with ZENWorks 4.01 agent. , > Moving DHCP from NW6-SP4 to NW65-SP2. When new server loads service we are > getting "DHCP client <x:x:xx:xx:xx:xx> did not select this server". > Workstations Windows XP SP1 with ZENWorks 4.01 agent. Sounds like you have two DHCP servers serving the same subnet. If that is the case then the message would indicate that the client asked, ...

ERROR: "client xx.xx.xx.xx#xxxx: update 'zone name/IN' deni
Seeing this error on DNS console. TID 10086933 option 3 says Go to the Control List for the zone affected and add the ip address of the device trying to update DNS in the "Allow Update" list. However there is no such 'Control List' option in the DHCP console. Where do I find it? Thanks Lenny -- lennyd ------------------------------------------------------------------------ Lenny, > However there is no such 'Control List' option in the DHCP console. > Where do I find it? What version of the DNS/DHCP console are you using? Wi...

https://xx.xx.xx.xx/BM-Login/?"http://yourwebsite
I am having a problem after reinstalling netware enterprise webserver 3.5.2 from the nw51 cd. Starting your webbrowser there is no automatic redirection to the BM-Login page. When typing it by hand it's working ok. Idea's we are running netware 5.1 sp6 BM 3.6 sp2a Evert In article <KQF2d.13063$oo4.7807@prv-forum2.provo.novell.com>, wrote: > Starting your webbrowser there is no automatic > redirection to the BM-Login page. When typing it by hand it's working ok. > What do you mean, 'typing it by hand'? If you are looking for the SSL Prox...

format input string to xxx.xx.xx.xx
Hello  Everyone,  Here is the issue I am working on: input: 1 or 1.1 or 1.2.3 or 001.02.03.01 expected output in the format: 000.00.00.00 and the numbers get populated from left to right. meaning if input was 1.2, the output would/should be: 001.02.00.00 How can I do this? Regex? string.format??? This is in c# Thanks in advance.    You are going to have to write a method that splits up the number and builds up the number in your format.  It looks like you should split the string of numbers at each '.' and then concatenate the sp...

OBJECT_NOT_EXIST (Session/lookup
I have a test cluster with two servers and one of the servers lease expired. I have installed the same version of Jaguar as the other server in the cluster and the servers have the same name and listeners, when I tried syncing the cluster to the new server ( which kept the old servers name and ip) I started getting the SystemException: OBJECT_NOT_EXIST (Session/lookup - @XXX.XX.X.XX) message whenever the server was called. I have tried deleting the cluster and recreating it and that didn't help. I have tried syncing from the new server making it the primary and that seems to have...

ValidationExpression URL allow http://xxx.xx?xx=x
I have ValidationExpression="http://([\w-]+\.)+[\w-]+(/[\w- ./?%&amp;=]*)?" I would just like to allow not having a slash before a question mark in a URL. I have the list of the Regular Expression Syntax (JScript), but I think it is really complicated to change anything. If I just have ValidationExpression="http://" I still are not allowed to have a link like http://tni.dk?ref=1506764. Can anybody help?Jørgen A.J. ...

Mailer-Daemon@xxx.xxxxxxx.xx.xx (user not found)
Hi! We are using GW5.5. During the last days, me (postmaster) and ADMIN are receiving every 1-3 seconds mails same as the following one. Please help to stop this avalanche. TIA Nanu ------------- The mail example --------------------------------------- MAIL FROM:<admin@frogo.bezeqint.net> RCPT TO:<Mailer-Daemon@mail.kalmanovitz.co.il> Received: from frogo.bezeqint.net by mail.kalmanovitz.co.il; Tue, 25 May 2004 10:57:15 +0300 To: Mailer-Daemon@mail.kalmanovitz.co.il From: admin@frogo.bezeqint.net Subject: Returned mail: unreachable recipients: admin@frog...

Web resources about - AuthClient # 0 (xx.xx.xx.x): GetCH: Alloc for user name fail - novell.bordermanager.vpn

Yii Software LLC · GitHub
Build software better, together.

Announcing new .NET and Windows Phone SDKs for SkyDrive, plus IFTTT, DocuSign and SoundGecko integrations ...
... The following code shows how to retrieve your user’s SkyDrive data from a server .NET application: public async Task Index() { this .authClient ...

Yii Framework 2.0 API Documentation
Toggle navigation Yii Framework 2.0 API Documentation Class reference Extensions apidoc authclient bootstrap codeception composer debug elasticsearch ...

Resources last updated: 12/13/2015 11:20:01 PM