Why does an EAP-TLS resumed session generate error 691?

A. Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) is a Point-to-Point Protocol (PPP) extension supporting additional authentication methods within PPP. Transport Layer Security (TLS) provides for mutual authentication, integrity-protected cipher suite negotiation, and key exchange between two endpoints.

When you try to reconnect an EAP-TLS connection, the session sometimes stops working and returns error 691 Access was denied because the user name and/or password was invalid on the domain. To work around the problem, wait at least 2 minutes before you try to reconnect. Note: If you’re using smart cards for remote access authentication in Windows 2000, you must use the EAP-TLS authentication method.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.