# Always on VPN - Clients can not connect



## daniyal1973 (Aug 25, 2019)

hi
I'm new to this please help me , i'm working at company I rebooted the VPN server but after VPN does not work and clients get error " A certificate could not be found that can be used with Extensible Authentication protocol"


I rebooted the server , Restored from backup , Updated .. but no luck . Even after recovered from backup it will nto work and I see error ID 25 Microsoft windows -RasSstp .

help me please


----------



## lunarlander (Sep 22, 2007)

If it says it couldn't find the correct certificate and a drive restore still does not work, or produces a different error, I suspect a hard drive problem.


----------



## zx10guy (Mar 30, 2008)

I don't think it's a hard drive problem. For whatever reason, the certificate needed to establish the authentication hand shake is not configured on the RRAS server. A hard drive problem will not cause this problem. I don't know enough about RRAS to help. I did a quick search and saw some references to NPS. Which makes sense since I had to configure an NPS server when I was playing around with 802.1x authentication on my wireless network. If the certificate was somehow lost, you need to generate a new one from a CA (certificate authority). You can create one with Windows.

Another thought I just had is the certificate might still be there. But you're getting an error because the certificate is expired. Certs have expiration dates which are configured and applied to them when they're created. I've seen this very issue at a client of mine where the certificate expired which created a major ripple effect on their network.


----------

