Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
FIX: Incoming VPN connections are rejected by an ISA Server 2004 RADIUS server that is operating on a Windows Server 2003-based computer
Article ID: 970451 - View products that this article applies to.
Consider the following scenario:
The RADIUS authentication packets contain a station ID which is larger than 16 bytes. ISA Server 2004 assumes that the station ID is an IP address that is 16 bytes or smaller. For example, this problem may occur if the station ID is using a string format of a MAC address such as "00-00-AA-BB-CC-DD," which is larger than 16 bytes. Because ISA Server uses a static buffer to save and log the ID, it cannot initialize the connection. So, it rejects it.
To resolve this problem, install the hotfix rollup package that is described in the following Microsoft Knowledge Base article:
(http://support.microsoft.com/kb/970454/ )Description of the ISA Server 2004 hotfix package: June 2, 2009
Note After you install this hotfix, large station IDs will be ignored and will not be logged.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/824684/ )Description of the standard terminology that is used to describe Microsoft software updates
Article ID: 970451 - Last Review: July 24, 2009 - Revision: 1.2