0

I'm trying to use the Windows login credentials on a DotRas VPN connection. This is what I've tried so far, without any luck:

this.rasDialer.Credentials = CredentialCache.DefaultNetworkCredentials;
this.rasDialer.DialAsync();

and:

this.rasDialer.Credentials = (NetworkCredential) CredentialCache.DefaultCredentials;
this.rasDialer.DialAsync();

I'm getting error code 691 when I'm trying to connect, which is the same error code I get when I'm trying with a blank username and a blank password:

this.rasDialer.Credentials = new NetworkCredential("", "");
this.rasDialer.DialAsync();

This gives me error code 13801:

this.rasDialer.Credentials = new NetworkCredential("dummy", "dummy");
this.rasDialer.DialAsync();

Thanks for any help solving this.

S.A.
  • 99
  • 8

1 Answers1

0

Error code 691 indicates a general authentication failure message from RAS, so if you're seeing that when you're not passing in credentials that would probably be expected.

Per Microsoft's documentation found here:

The credentials returned by the DefaultNetworkCredentials property is applicable only for NTLM, negotiate, and Kerberos-based authentication.

Your ability to use the CredentialCache.DefaultNetworkCredentials property would likely be determined by the settings within the phone book for your connection given that the settings on what the entry can support would likely enable or prevent the use of the property you're attempting to use.

As for what the error 13801 represents, I have not seen that error before so I'm not sure. If I were to venture a guess, depending on your entry settings it could be EAP related. Most RAS related errors are between 600 and 800.

Hopefully the new version makes these sorts of issues less irritating to diagnose.

Jeff Winn
  • 804
  • 8
  • 14
  • Thanks for the reply. I'm a little confused though. Should I set some settings on my `RasPhoneBook` to make this work? Regarding the authentication method for the VPN, I don't know what kind of authentication method it is using. – S.A. Jan 22 '19 at 12:51
  • Btw. this is how the entry/connection is created: `this.rasPhoneBook.Open(GetPhoneBookPath()); RasEntry entry = RasEntry.CreateVpnEntry(GetConnectionName(), GetServerAddress(), RasVpnStrategy.IkeV2Only, RasDevice.Create(GetConnectionName(), RasDeviceType.Vpn)); this.rasPhoneBook.Entries.Add(entry);` – S.A. Jan 22 '19 at 13:00
  • Those methods really just setup a basic entry, they don't guarantee connectivity as most connections require tweaking of settings to make them compatible with the VPN product being targeted for connection and the authentication settings required. The settings you'll likely need to set will be on the RasEntry class, there are lots and lots of options. – Jeff Winn Jan 23 '19 at 23:38
  • It seems like the option `UseLogOnCredentials` could do the trick? _This option corresponds to the Use Current Username and Password checkbox in the Security settings dialog box. This option is ignored unless the DotRas.RasEntryOptions.RequireMSEncryptedPassword option is also set._ However, I can't set `RequireMSEncryptedPassword`. I'm just getting this if I set it to true: _An unhandled exception of type 'System.ArgumentException' occurred in DotRas.dll 'entry' contains invalid or conflicting settings. Please verify the settings are correct and try again_ – S.A. Jan 25 '19 at 12:31
  • This could just be a design flaw in the old library, trying to verify the settings before hand. I’ll see what I can do about it with the new version. – Jeff Winn Mar 14 '19 at 11:48
  • It's over at https://github.com/winnster/DotRas now, I'm mostly trying to find people willing to test some of the features so I get it right for the 2.0 launch. It was a full rewrite since it was so difficult to maintain. I haven't started on the phone books yet, but if you're looking for specific features you can always put a request in. – Jeff Winn Mar 16 '19 at 00:58