For the past 6 months I have been periodically receiving an error connecting to one of our VPN servers of:
Error 812: The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.
This error occured on both Windows 7 and Window 8 workstations, but only periodically, and most frequently after a disconnect has occurred and the user is trying to reconnect to the VPN. Sometimes starting and stopping RRAS on the server will resolve the issue, sometimes rebooting the RRAS server will resolve it, and other times simply trying again an hour later will result in success. I did some searching on the Internet, but virtually all of the resolutions for this issue are related to setup or configuration problems that would result in the VPN either consistently working or not-working for a specific workstation, not a random occurrence of this error. I tried changing a number of the NPS policies, since the error seemed to point to an NPS issue, but this did not resolve the problem.
Eventually I was able to isolate the issue to a periodic problem with the RRAS server not being able to connect to the Active Directory server for account authentication. One of the reason codes occasionally generated in the security event log was:
The Network Policy Server was unable to connect to a domain controller in the domain where the account is located. Because of this, authentication and authorization for the RADIUS request could not be performed.
The cause of the problem ended up being very simple: The primary DNS of the RRAS server was no longer pointing at the domain controller. Changing the primary DNS to the domain controller and setting the secondary DNS to an external server (the primary google 188.8.131.52 DNS in this case) eliminated the issue.
In case you are having error 812 problems consistently here are some additional links on other common configuration issues: