Skip to Content

Solved: How do I fix “MS-CHAP-Error(2): \000E=691 R=0 V=3” Radius reject response?

If you’ve ever encountered the enigmatic “MS-CHAP-Error(2): \000E=691 R=0 V=3” message in an Access-Reject response from Radius, you’re not alone. This cryptic error can be a puzzling roadblock, leaving you wondering what it means and how to overcome it.

Sniffer
2 0.001287 10.10.10.10 10.10.10.254 RADIUS 84
Access-Reject(3) (id=5, l=42)
AVP: l=22 t=Vendor-Specific(26) v=Microsoft(311)
VSA: l=16 t=MS-CHAP-Error(2): \000E=691 R=0 V=3

In this article, we aim to demystify this error message and provide you with not only an understanding of its significance but also effective workarounds to address it. We’ll break down the components of the error message, shed light on its implications, and equip you with the knowledge needed to navigate and resolve this issue.

So, if you’ve ever been baffled by the “MS-CHAP-Error(2): \000E=691 R=0 V=3” message in Radius reject responses, join us on this journey as we unravel its mysteries and empower you with the solutions you need.

Solution: Enabling NTLMv1 for NTLM Connections on Windows Server 2008

If you’ve encountered issues with NTLM connections being refused on your Windows Server 2008, there’s a common culprit that could be at play. By default, Windows Server 2008 disables NTLMv1, which can lead to connection problems. However, there’s a straightforward solution to this problem.

Here’s how to enable NTLMv1 on your server:

Step 1: Access Local Security Policy
Click on the “Start” button. Navigate to “Administrative Tools.”

Step 2: Open Local Policies
In the Administrative Tools menu, locate and open “Local Security Policy.”

Step 3: Configure LAN Manager Authentication Level
Within the Local Security Policy window, expand the “Local Policies” section. Find and click on “Security Options.”

Step 4: Adjust Network Security Settings
In the Security Options list, scroll down to locate “Network security: LAN Manager authentication level.”

Step 5: Modify Authentication Settings
Double-click on “Network security: LAN Manager authentication level” to modify its settings. In the properties window, you’ll see different options. Select “Send NTLM response only.”

Double-click on "Network security: LAN Manager authentication level" to modify its settings. In the properties window, you'll see different options. Select "Send NTLM response only."

By following these steps, you can enable NTLMv1 on your Windows Server 2008, allowing for NTLM connections to work as intended. This adjustment can be particularly useful if you’ve been experiencing issues due to the default NTLMv1 settings.

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.