EAP-TLS Resumed Session Generates Error Code 691 (274724)
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional
This article was previously published under Q274724 SYMPTOMS
If you attempt to reconnect a connection that uses Extensible Authentication Protocol - Transport Layer Security (EAP-TLS) within two minutes of the disconnection, the connection stops working with the following error message:
691 - Access was denied because the user name and/or password was invalid on the domain.
WORKAROUND
After a disconnection, wait at least two minutes or longer before you attempt to reconnect.
STATUSMicrosoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. MORE INFORMATION
EAP is a Point-to-Point Protocol (PPP) extension that provides support for additional authentication methods within PPP. TLS allows mutual authentication, integrity-protected cipher suite negotiation, and key exchange between two endpoints.
If you are using smart cards for remote access authentication in Windows 2000, you must use the EAP-TLS authentication method.
| Modification Type: | Major | Last Reviewed: | 11/14/2003 |
|---|
| Keywords: | kbbug kbpending kbWin2000PreSP2Fix KB274724 |
|---|
|