Article ID: 285901 - Last Review: October 26, 2006 - Revision: 5.1 Remote access, VPN, and RIS clients cannot establish sessions with a server that is configured to accept only NTLM version 2 authenticationThis article was previously published under Q285901 SYMPTOMS Remote Access, Remote Installation Services (RIS), and VPN clients cannot establish sessions with a server that is configured to accept only NTLM 2 authentication. CAUSE Microsoft Windows 2000-based clients cannot send an NTLM 2 challenge response. Therefore, Windows 2000-based clients use NTLM instead. RESOLUTIONRIS clientsThere is currently no resolution for this problem for Windows NT 4.0 or for Windows 2000. Windows XP SP1 includes the RIS client functionality of using NTLM 2 authentication to connect to the RIS server. This functionality is not available for Windows NT 4.0 or Windows 2000 RIS clients.Remote access and VPN clientsThere is currently no resolution for this problem for Windows NT 4.0 or for Windows 2000. In Windows 2000, you can set up Extensible Authentication Protocol (EAP) and use smart cards or you can write an extension of your own. In Windows 2000, you can enable Internet Protocol Security (IPSec) and the authentication will be encrypted. This only resolves the problem for VPN.For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base: 265112
(http://support.microsoft.com/kb/265112/
)
IPSec and L2TP implementation in Windows 2000
325033
(http://support.microsoft.com/kb/325033/
)
Configuring Microsoft L2TP/IPSec VPN for earlier clients
| Article Translations
|
| United States | Change | | | All Microsoft Sites |
Back to the top
|
