Demand Dial VPN prevented by Client License limit?

Skip to first unread message


Jul 8, 2005, 10:14:02 AM7/8/05
I setup a demand-dial VPN between a SBS2003 and Windows Server 2003 machine
the other day and it worked perfectly - the first time at least. Since then,
I can connect from the SBS2003 --> Win2003 machine fine, no problems, but
when i initiate the connection from Win2003 --> SBS2003, the interface is

I checked the event viewer on the Win2003 machine and it said "No more
connections can be made to this remote computer at this time because there
are already as many connections as the computer can accept".

There are enough ports available and there are no protocol filters setup so
i was somewhat puzzled by it. I checked the SBS Event Viewer and got this:
"No more connections can be made to this remote computer because the
computer has exceeded its client license limit."

Now, there are no other users accessing ANYTHING on the SBS2003 machine and
I don't know why it thinks its exceeded its limit. If I stop the license
logging service, I can connect fine, but i can't prevent the service from
restarting otherwise the server shuts down.

If anyone has any ideas i would be most grateful.



Marina Roos [SBS-MVP]

Jul 8, 2005, 3:02:02 PM7/8/05
Hi Nick,

Can you please provide the complete error messages with the event ID's? How
many CAL's are installed on the SBS? How many VPN ports are configured in
RRAS? How many nics in each server?


Marina Roos
Microsoft SBS-MVP
One of the Magical M&M's
Take part in SBS forum:

"Nickonthemove" <> schreef in bericht


Jul 12, 2005, 5:05:02 AM7/12/05
Hi Marina,

The event ID on the machine attempting to connect is

Event ID : 20111

A Demand Dial connection to the remote interface Demand_Leeds on port VPN5-4
was successfully initiated but failed to complete successfully because of the
following error: No more connections can be made to this remote computer at

this time because there are already as many connections as the computer can

The computer I am trying to connect to has this event ID in the event viewer:

Event ID : 20097

A user was unable to connect on port VPN5-4. No more connections can be made

to this remote computer because the computer has exceeded its client license

In answer to your other questions:

There are 2 NIC's in each server.
There are 5 PPTP VPN ports configured on each machine.
There are 10 installed licenses on the SBS machine.

It definitely has something to do with the license logging, as when i stop
the service i can connect fine. I don't know how i can be using licenses and
why it isn't detecting the user as having disconnected.

I cannot connect to the SBS machine at all now and receive the above Event
ID's every time.

Your help appreciated,



Jul 14, 2005, 5:04:03 AM7/14/05
I think i've found a solution to the problem but im still confused as to why
this should be the case.

Anyway, if I setup the Demand-Dial interfaces to have the same credentials
at each end, so for example:

Site A

Interface name: VPN
user: VPN
pass: VPN

Site B

Interface name: VPN
user: VPN
pass: VPN

This works fine. I can connect no problem and nothing is mentioned about
the license limit being exceeded.

If anyone could shed any light as to why this is the case, I would be very
grateful. It may just be me being lazy and not researching properly how MS
does its VPN's, but I don't see why the dial-out credentials matching the
dial-in credentials would reduce the no. of connections.




Jul 14, 2005, 10:09:02 AM7/14/05
Hi Nick, I had this same problem maybe a year ago and I managed to confirm
that the problem existed with four other people, I asked the same questions
you did and interestingly, Marina asked me the very same questions you've
been asked.

This is a problem that definitely and without a doubt exists in SBS 2003.
I got sick of the roundabout questions that I was being asked and solved my
problem by buying a couple of draytek routers. I later found the same
solution that you've found of duplicating the DOD and account names on both

I just wanted you to know that you are not alone with this problem or with
your findings.




Jul 14, 2005, 11:36:13 AM7/14/05
Hi Andy,

Thanks for your reply. I was beginning to lose patience with the whole
thing until i found the aforementioned workaround.

I can't seem to find any documentation on it anywhere either on the VPN side
of things or the concurrent connection side of things. Im going to have to
settle with the single user id for now but it would be nice if Microsoft
would either acknowledge it as a fault or if by design, explain why it did

The closest documentation i can find with regards to VPN connection limits
is with Server 2003 Web Ed. where it only allows a single DoD connection.

Oh well, at least im not alone.



Reply all
Reply to author
0 new messages