TMG2010 site-to-site VPN fails to dial with error 913 (A Remove Access Client attempted to connect over a port that was reserved for Routers only)

TMG2010 site-to-site VPN fails to dial with error 913 (A Remove Access Client attempted to connect over a port that was reserved for Routers only)

  • Comments 1
  • Likes

Scenario

When configuring site-to-site (S2S) VPN networks, you may notice that the VPN tunnel doesn't connect.

On the dialing TMG server, you'll see the following event logs:

Log Name:      Application

Source:        RasClient

Event ID:      20227

Description: CoId={A56F6195-18BB-44ED-AE45-34B70D127A2C}: The user SYSTEM dialed a connection named Net2 which has failed. The error code returned on failure is 913.

Log Name:      System

Source:        RemoteAccess

Event ID:      20111

Description: A Demand Dial connection to the remote interface Net2 on port VPN2-4 was successfully initiated but failed to complete successfully because of the  following error: A Remote Access Client attempted to connect over a port that was reserved for Routers only.

And on the other TMG server, you'll see this event log:

Log Name:      System

Source:        RemoteAccess

Event ID:      20270

Description: CoID={31A76222-6269-4085-95E5-B3DAC64F69FD}: The user Net2, attempting to connect on VPN2-100, was disconnected because of the following  reason: A Remote Access Client attempted to connect over a port that was reserved for Routers only.

Solution

In order to accept any VPN connections, you must enable VPN client access, even if you only expect site-to-site VPN connections.

 

-Gabriel Koren, TMG product team

Comments
  • B.S.  Sorry to be so crass. But this product about to send me over the deepend.  S2S using TMG to TMG works without VPN client enabled.  Will dial in. No such error.  I have over 50 in the filed so I can attest to that.  What does NOT work on S2S atter tunnel fails and reconnects you can no longer ping through from TMG to other TMG S2S...Use S2S same circuits and one device is TMG and the other ISA2006 and all works fine.     Larry.Green@chsfl.org

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment