"705" error code when you try to use a demand-dial interface to create a site-to-site VPN connection in Windows Server 2008 R2

Article translations Article translations
Article ID: 2200118 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

Consider the following scenario:
  • You create a demand-dial interface on a computer that is running Windows Server 2008 R2.
  • You configure this interface to use Extensible Authentication Protocol (EAP) for the authentication protocol.
  • You use the interface to create a site-to-site virtual private network (VPN) connection.
In this scenario, you cannot create the VPN connection. Additionally, you receive a 705 error code that resembles the following:
The specified authentication state is not valid.


Notes
  • This issue also occurs when you create a site-to-site VPN connection in Routing and Remote Access (RRAS) Microsoft Management Console (MMC) on a Threat Management Gateway (TMG) server that is running Windows Server 2008 R2.
  • This issue does not occur when you create a L2TP/IPSec VPN connection that uses a preshared key authentication instead of certification authority (CA) certificates.

CAUSE

This issue occurs because EAPHost incorrectly impersonates the caller even the VPN server sets the RAS_EAP_FLAG_ROUTER flag to indicate that the caller is a router instead of a VPN client.

RESOLUTION

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

To apply this hotfix, you must be running Windows Server 2008 R2.

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

File information

The global version of this hotfix installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.
Windows Server 2008 R2 file information notes
Important Windows 7 hotfixes and Windows Server 2008 R2 hotfixes are included in the same packages. However, hotfixes on the Hotfix Request page are listed under both operating systems. To request the hotfix package that applies to one or both operating systems, select the hotfix that is listed under "Windows 7/Windows Server 2008 R2" on the page. Always refer to the "Applies To" section in articles to determine the actual operating system that each hotfix applies to.
  • The MANIFEST files (.manifest) and the MUM files (.mum) that are installed for each environment are listed separately in the "Additional file information for Windows Server 2008 R2" section. MUM and MANIFEST files, and the associated security catalog (.cat) files, are extremely important to maintain the state of the updated components. The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.
For all supported x64-based versions of Windows Server 2008 R2
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Baseeapmethodconfig.xsdNot applicable61210-Jun-200920:38Not applicable
Baseeapmethodusercredentials.xsdNot applicable64810-Jun-200920:38Not applicable
Eapcommon.xsdNot applicable75210-Jun-200920:38Not applicable
Eapgenericusercredentials.xsdNot applicable1,13210-Jun-200920:38Not applicable
Eaphostconfig.xsdNot applicable1,27510-Jun-200920:38Not applicable
Eaphostusercredentials.xsdNot applicable1,35310-Jun-200920:38Not applicable
Eapp3hst.dll6.1.7600.20732348,16012-Jun-201006:06x64
Eappcfg.dll6.1.7600.16385263,68014-Jul-200901:40x64
Eappgnui.dll6.1.7600.20732103,93612-Jun-201006:06x64
Eapphost.dll6.1.7600.20732303,61612-Jun-201006:06x64
Eappprxy.dll6.1.7600.1638564,51214-Jul-200901:40x64
Eapp3hst.dll6.1.7600.20732242,17612-Jun-201005:26x86
Eappcfg.dll6.1.7600.16385183,29614-Jul-200901:15x86
Eappgnui.dll6.1.7600.2073294,20812-Jun-201005:26x86
Eapphost.dll6.1.7600.20732222,20812-Jun-201005:26x86
Eappprxy.dll6.1.7600.1638556,32014-Jul-200901:15x86
For all supported IA-64-based versions of Windows Server 2008 R2
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Baseeapmethodconfig.xsdNot applicable61210-Jun-200920:41Not applicable
Baseeapmethodusercredentials.xsdNot applicable64810-Jun-200920:41Not applicable
Eapcommon.xsdNot applicable75210-Jun-200920:41Not applicable
Eapgenericusercredentials.xsdNot applicable1,13210-Jun-200920:41Not applicable
Eaphostconfig.xsdNot applicable1,27510-Jun-200920:41Not applicable
Eaphostusercredentials.xsdNot applicable1,35310-Jun-200920:41Not applicable
Eapp3hst.dll6.1.7600.20732694,27212-Jun-201004:43IA-64
Eappcfg.dll6.1.7600.16385523,77614-Jul-200901:46IA-64
Eappgnui.dll6.1.7600.20732184,83212-Jun-201004:43IA-64
Eapphost.dll6.1.7600.20732625,15212-Jun-201004:43IA-64
Eappprxy.dll6.1.7600.20732143,36012-Jun-201004:43IA-64
Eapp3hst.dll6.1.7600.20732242,17612-Jun-201005:26x86
Eappcfg.dll6.1.7600.16385183,29614-Jul-200901:15x86
Eappgnui.dll6.1.7600.2073294,20812-Jun-201005:26x86
Eapphost.dll6.1.7600.20732222,20812-Jun-201005:26x86
Eappprxy.dll6.1.7600.1638556,32014-Jul-200901:15x86

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

For more information about the Routing and Remote Access (RRAS) application program interface (API) error codes, visit the following Microsoft Developer Network (MSDN) website:
General information about the RRAS API error codes
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Additional file information

Additional files for all supported x64-based versions of Windows Server 2008 R2
Collapse this tableExpand this table
File nameAmd64_201c143853a80554d2275457bb0d68d4_31bf3856ad364e35_6.1.7600.20732_none_f36b9d39ef5d1cea.manifest
File versionNot applicable
File size736
Date (UTC)16-Jun-2010
Time (UTC)10:43
PlatformNot applicable
File nameAmd64_348e1518e9d911e3b0cce6c6403f8c86_31bf3856ad364e35_6.1.7600.20732_none_e8b66e210a89ea49.manifest
File versionNot applicable
File size1,114
Date (UTC)16-Jun-2010
Time (UTC)10:43
PlatformNot applicable
File nameAmd64_microsoft-windows-e..-protocol-host-peer_31bf3856ad364e35_6.1.7600.20732_none_c0c52e0ef612ee97.manifest
File versionNot applicable
File size25,159
Date (UTC)16-Jun-2010
Time (UTC)10:48
PlatformNot applicable
File nameUpdate.mum
File versionNot applicable
File size1,875
Date (UTC)16-Jun-2010
Time (UTC)10:43
PlatformNot applicable
File nameWow64_microsoft-windows-e..-protocol-host-peer_31bf3856ad364e35_6.1.7600.20732_none_cb19d8612a73b092.manifest
File versionNot applicable
File size20,985
Date (UTC)16-Jun-2010
Time (UTC)10:48
PlatformNot applicable
Additional files for all supported IA-64-based versions of Windows Server 2008 R2
Collapse this tableExpand this table
File nameIa64_5a066d72c76033cde16c6ef30f6eb983_31bf3856ad364e35_6.1.7600.20732_none_6d255cf38ea13e57.manifest
File versionNot applicable
File size1,112
Date (UTC)16-Jun-2010
Time (UTC)10:43
PlatformNot applicable
File nameIa64_microsoft-windows-e..-protocol-host-peer_31bf3856ad364e35_6.1.7600.20732_none_64a836813db3865d.manifest
File versionNot applicable
File size25,157
Date (UTC)16-Jun-2010
Time (UTC)10:43
PlatformNot applicable
File nameUpdate.mum
File versionNot applicable
File size1,469
Date (UTC)16-Jun-2010
Time (UTC)10:43
PlatformNot applicable
File nameWow64_microsoft-windows-e..-protocol-host-peer_31bf3856ad364e35_6.1.7600.20732_none_cb19d8612a73b092.manifest
File versionNot applicable
File size20,985
Date (UTC)16-Jun-2010
Time (UTC)10:43
PlatformNot applicable

Properties

Article ID: 2200118 - Last Review: August 13, 2010 - Revision: 2.0
APPLIES TO
  • Windows Server 2008 R2 Datacenter
  • Windows Server 2008 R2 Enterprise
  • Windows Server 2008 R2 Standard
  • Windows Server 2008 R2 Foundation
Keywords: 
kbautohotfix kbqfe kbhotfixserver kbfix kbsurveynew kbexpertiseinter KB2200118

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com