Event ID 20211 — VPN NAP Enforcement Client Configuration

Applies To: Windows Server 2008

A Network Access Protection (NAP) enforcement client is responsible for requesting access to a network, communicating a client computer's health status to the NAP server that is authorizing the network access, and communicating the connection status of the client computer to other components of the NAP client architecture. A NAP-capable client is a computer that has the NAP components installed and can verify its health state by sending a statement of health (SoH) to NPS.

The remote access enforcement client enforces health policies when a client computer attempts to gain access to the network through a virtual private network (VPN) connection.

Event Details

Product: Windows Operating System
ID: 20211
Source: RasMan
Version: 6.0
Message: The Network Access Protection (NAP) enforcement client could not start PPP renegotiation on the following remote access connection: %d. Some network services or resources might not be available.


Fix PPP renegotiation


A change in system health resulted in a new SoH. The PPP renegotiation that was started to send this SoH to the server failed. Because there has been no change in the parameters negotiated during PPP, the most common cause of this problem is network connectivity between the client computer and server. Network problems can result in the delay or loss of PPP requests and responses during negotiation. Check the status of network connectivity in the Network Connections folder.

For network problems, contact the ISP or network administrator to determine the status of the network.


To verify that the remote access server can accept connections, establish a remote access connection from a client computer.

To create a VPN connection:

  1. Click Start, and then click Control Panel.
  2. Click Network and Internet, click Network and Sharing Center, and then click Set up a connection or network.
  3. Click Connect to a workplace, and then click Next.
  4. Complete the steps in the Connect to a Workplace wizard.

To connect to a remote access server:

  1. In Network and Sharing Center, click Manage network connections.
  2. Double-click the VPN connection, and then click Connect.
  3. Verify that the connection was established successfully.

VPN NAP Enforcement Client Configuration

Routing and Remote Access Service Infrastructure