Event ID 20138 — RRAS Demand-Dial Connections
Applies To: Windows Server 2008
A demand-dial interface is a logical interface that represents a point-to-point connection. The point-to-point connection is based on either a physical connection, such as two routers connected over an analog phone line that uses modems, or a logical connection, such as two routers connected over a virtual private network (VPN) connection that uses the Internet. Demand-dial connections are either on-demand (the point-to-point connection is only established when needed) or persistent (the point-to-point connection is established and then remains in a connected state). Demand-dial interfaces typically require an authentication process to become connected. The equipment required by a demand-dial interface is a port on a device.
Event Details
Product: | Windows Operating System |
ID: | 20138 |
Source: | RemoteAccess |
Version: | 6.0 |
Symbolic Name: | ROUTERLOG_CONNECTION_FAILURE |
Message: | A demand-dial connection to the remote interface: %1 failed to be initiated succesfully. The following error occurred: %2 |
Diagnose
The remote access connection must have permission through dial-in properties of the user account and remote access policies. In addition, the credentials of the remote access client (user name, password, and domain name) must be validated by the remote access server.
This error might be caused by the incorrect configuration of one of the following:
- Connection settings
- Credentials of the remote access client
Check connection settings
- Match all of the conditions of at least one remote access policy.
- Grant remote access permission through the local user account (set to Allow access). Or, you can grant remote access permission through the domain user account (set to Control access through NPS Network Policy) and the remote access permission of the matching remote access policy (set to Grant access).
- Match all of the settings of the profile.
- Match all of the settings of the dial-in properties of the user account.
- If the conditions and settings match, see the section titled "Reinitialize the demand-dial connection" or "Review the remote access service error code."
Check the credentials of the remote access client in Windows or RADIUS
- If Windows is used as the authentication and accounting provider, the remote access server uses native Windows functions to validate the security credentials of the remote access client (typically, the remote access user's user name and password) and access the remote access client's user account dial-in properties.
- If RADIUS is used as the authentication and accounting provider, the remote access server acts as a RADIUS client and sends the user's credentials and other connection settings to a RADIUS server. The RADIUS server validates the credentials of the remote access client, authorizes the connection attempt, and stores remote access connection accounting information.
Resolve
To resolve this issue, use the resolution that corresponds to the cause you identified in the Diagnose section. After performing the resolution, see the Verify section to confirm that the feature is operating properly
Cause |
Resolution |
---|---|
Various issues can affect demand-dial connection |
Reinitialize the demand-dial connection |
Various issues can affect demand-dial connection |
Review the remote access service error code |
Reinitialize the demand-dial connection
Check that there is communication between the calling and answering demand-dial routers.
To initiate the on-demand connection on the calling router:
- On the calling router, in the Routing and Remote Access snap-in, click Network Interfaces.
- Right-click the demand-dial interface for which you want to initiate a connection, click Connect, and then confirm that the connection was established.
Review the remote access service error code
There is not enough information available in the Routing and Remote Access service event message to provide a recommendation for resolution of the problem. If you continue to get this error, contact Microsoft Product Support Services. For more information, see https://go.microsoft.com/fwlink/?LinkId=52267.
For more information about remote access service error codes, see article 163111 in the Microsoft Knowledge Base (https://go.microsoft.com/fwlink/?LinkID=91455).
Verify
If the calling router uses a dial-up connection to the local ISP, the local ISP assigns the router a temporary IP address. You can confirm that this IP address exists by typing ipconfig at a command prompt.
To perform the following procedure, you must be a member of the Administrators group, or you must have been delegated the appropriate authority.
To check the status of the demand-dial interface:
- Open Routing and Remote Access. Click Start, click Run, type rrasmgmt.msc, and then press ENTER.
- In the console tree, click Network Interfaces.
- In the details pane, in the Connection State column, verify that the demand-dial interface that matches the user name for the credentials of the calling router is connected.