ICMP error packets are dropped by the security appliance

Similar Messages

• SharePoint Reporting Services, No Credentials are available in the security package

  Hi all, 
  I have problem to solve regarding rendering Reports inside SharePoint. Scenario as follows.
  1. There are two domains with two-way trusted connections. We have confirmed it finding users for both domains in the people pickers
  2. Kerberos has been configured in SharePoint
  3. Users from the domain that SharePoint is installed can render reports inside SharePoint but users from the other domain get following error when they try render reports.
  4. users from the other domain can render reports when they browse direclty to the admin tool of reporting-services server.
  5. users from the other domain can run klist and get a about 15 tickets.
  this is the error the users from the domain get when they try render report inside SharePoint.
  An Error has occured during reporting processing (rsProcessingAborted)
     Cannot create a connection to data source 'theSourceSSAS' (rsErrorOpeningConnectiong)
       Authentication failed
          No Credentials are available in the security package
  Thank you very much for your help and appreciate all kind of advice.

  Hi Medes,
  From the error message, it seems that the issue is due to the accounts in another domain has no permission to access the data source theSourceSSAS.
  I recommend to use Stored credential when creating the data source and then check the results.
  Please also check if the Claims to Windows Token Service is running with Local System account.
  If not, please make sure that the account running this service has the permission below:
  Act as part of the operating system.
  Impersonate a client after authentication.
  Log on as a service.
  Thanks,
  Victoria
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Victoria Xia
  TechNet Community Support

• Infopath Form error - validation errors that are not in the current view?

  Hey Experts,
  I have a Sharepoint 2010 server running on Server 2008. We have a list that has a custom form created using infopath for editing and new creations.
  The problem appeared after a server restart.
  Users can no longer create a new item in the list when they do they get this error:
  The form contains the following errors:
  Field or group: my:Author
  Error: Cannot be blank
  When I try and preview it in infopath2010 it also does the same thing but provides a more detailed error:
  Infopath cannot submit the form because it contatains validation errors that are not in the current view. Errors are marked with a red astrick or red dashed boarder.
  If you cannot find an error in otherviews, there might be a problem with the forms design.
  I checked all thru the form for my:Author field and can't find it on the page as a control or in the list of fields. Any recommendations?
  Thanks!

  Didn't know you also created this as a thread.  If you send me a direct email in the future, please let me know you also created a thread so that I can answer publicly to help others and to get credit for the time/effort spent.  Thanks.SharePoint Architect || Microsoft MVP ||
  My Blog
  Planet Technologies ||
  SharePoint Task Force

• I have a Galaxy S3 and love this phone but here at my new home which has absolutely no trees of bushes blocking anything, my phone calls are dropped ALL THE TIME and it's driving me crazy.  Verizon finally said that they would come out and boost the signa

  I have a Galaxy S3 and love this phone but here at my new home which has absolutely no trees of bushes blocking anything, my phone calls are dropped ALL THE TIME and it's driving me crazy.  Verizon finally said that they would come out and boost the signal but haven't seen anyone in two weeks.  I have called Verizon tech help for one year to get help with this, either trade phone or something.  I am so frustrated!  I picked Verizon for the clear calls and coverage inside hospitals and buildings but it's been terrible.  I have had three of these phones replaced.  I need a different model like the S4 or the S5 I think cause it's something in this model.

  Verizon is quickly becoming the worst cell phone company out there.  To read all of these pleas from your loyal customers is just so sad and pitiful.  You need to be sued for your data overage charges that you are intentionally imploding on your customers.  They have pleaded, very intelligently, with you to do something to fix the issue and you willingly have NOT.  As is with my reception issue that I was promised a signal booster for two months ago, so is this issue with the data.  You don't follow up and solve the issues.  Therefore the courts will find you fraudulent. When I was promised by your super tech that I needed a signal booster and he was sending it out overnight at no charge to me, I was relieved that it would finally be taken care of so I wouldn't lose faith with Verizon.  Well, that was two months ago now with no record of it ever being ordered or on my file anywhere.  I have since called three more times with hours of conversations about that issue and two more techs have told me they were sending me a signal booster with no follow up what so ever.  WOW!  That's pitiful!  You may not care now, oh but you will later when you lose lots of money and business.

• My calendar events are dropped after the month is over.  How can I stop that from happening?

  My calendar events are dropped after the month is over.  How can I prevent this from happening?

  Settings > Mail, Contacts, Calendars > [scroll way down to the Calendars section] Sync = "All events"

• What do I do after I got an error after trying to download the security update?

  What do I do next when I got an error after trying to download the security update?

  Thank you for providing these details.  It makes helping you much easier.
  You have a 16GB iPad, but have only 2.4GB available.  This is likely contributing to the issue.  This amount, 15% of the iPad's storage capacity, is the minimum free space you should have.  But when updating iOS, you should expect the new version to use somewhat more space than the old.  I believe going to Settings > General > Usage and freeing space will help with your issue.
  Another recommendation would be to use iTunes on your computer to do the update instead of over-the-air.
  I believe either one of these would help you.  Both would be at least as good.

• Drag and Drop error - icons are stuck to the cursor

  For the last few days when I try to use drag and drop, the items stick to the cursor and cannot be dislodged without a force quit or a reboot. That is they drag, but they do not drop. This is really sub-optimal.
  Has this happened to anyone else? How do I fix it?

  Idiot question - How do I re-install Leopard? No matter what I do, it kicks the disk out on restart. I have tried using the 'install' command on the disk, nothing. It kicks the disk out and boots from the hard drive. I have tried rebooting holding down the 'c' key to force it to read from the drive, it still kicks the disk out and boots from the hard drive. What else should I do?
  I researched back further and found another thread where people were complaining of the same drag and drop issue: http://discussions.apple.com/thread.jspa?messageID=6446208
  Someone suggested a solution involving permissions. I fixed my permissions. Drag and drop is still not working.
  There was also a set of commands to type into terminal that would supposedly fix the issue, or perhaps it was a Spotlight issue that the thread had morphed into. I did that. Drag and drop is still not working.
  Am I just totally hosed? Help!

• My deployed printers don't appear on the computers that are part of the security group

  I use the Print Management role to deploy my printers to my users.
  Because I only want those printers to appear on certain laptops/servers, I deployed them using the “Per machine GPO”
  I created an “Office Printers” security group that contains those laptops/servers
  I use this security group to filter my GPO (under Security Filtering)
  The above used to work but after modifying and adding new printers, the printers are not getting deployed anymore.
  Here is what I see:
  - On the laptops/servers I am connecting to (I am the Domain Admin), I can see all the printers
  - On some user’s machine, no printers shows
  - On some user’s machine, only the printers that were listed in GPO before the changes do show
  gpresults –r shows different result:
  - Mine shows: Filtering : Denied (Security) even I see the printers
  - Some machines show: Filtering:  Not Applied (Unknown Reason)
  - Some machines don’t show the GPO at all

  Hi,
  Before posting my question, i ran gpresult /force and rebooted the machines several times.
  I resolved my issue yesterday by "chance":
  - since the deployment was failing using the deploy to GP feature in Print Management, I decided to try to deploy them by using directly GPMC.
  - I discovered that the printer that I added few days ago was not marked as "shared" (I did not think that it was an issue because I assumed that the Print Management did not need this setting to be set). Since the others were shared, I decided to share
  this one as well.
  >>>> that resolved the issue: the printers appeared on all the machines as expected.
  I feel that MS should look into this behavior:
  - Deployment of the printers should not fail if one is not shared
  - if sharing is a must to use this feature, deploying the printer from the Print Management should bring an error.
  Thanks
  Christophe

• Some tcp packets are dropped using socketfilter

  I user socketfilter to intercept tcp packet,but I find that not all of the tcp packet can be intercepted.For examle,I open chrome browser and  
  browse video website,as a result I miss some packets for HTTP  commucication. Thanks very much. My English is not good,I am sorry.
  Waiting for your help.

  Oh dear. That confirms my fear that somehow you have got output files into your source files, maybe you published to that folder.
  Within a version of RH, you could correct that, albeit with quite a bit of work.
  http://www.robowizard.com/RoboWizard/NewProject.htm#MonthlyScry/062004.htm
  However, what you are trying to do is upgrade an output file and the process is not designed for that.  You have to decide on the least work. Uninstall RH8 and install RH7, fix the problem and then upgrade or just get on with redoing those dropdowns in RH8.
  See www.grainge.org for RoboHelp and Authoring tips

• BW7.3 SOURCE_PACKAGE and DATA_PACKAGE are incompatible in the Start Routine

  Hi Gurus,
  a face a strange behavior with BW7.3 and the Inventory Cube 0IC_C03:
  the standard scenario works well when I activate the cube and its transformations ..bx, bf and um. Then I have modified the InfoCube 0IC_C03 and added some field like 0customer or 0doc_number etc. I also added the fields to the InfoSource 2LIS_03_BF_TR and everything was as usual.
  Then I wanted to activate the transformation TRCS 2LIS_03_BF_TR -> CUBE 0IC_C03 when I had the error
  "E:In PERFORM or CALL FUNCTION "ROUTINE_9998", the actual parameter "SOURCE_PACKAGE" is incompatible with the formal parameter "DATA_PACKAGE".
  I already tried to copy and paste the structure of tys_SC_1 to tys_SC_1_full but whenever I activate the transformation my changes are dropped while the error remains. I assume, that the problem is due the compilation process.
  Any hints to solve the problem? Thank you in advance.

  Hi Cemal,
  When we do the modifications at times the field structures inside the start routine are not update so that updation is required to be done manually. Copy the field list of structure (inside the start routine)  tys_SC_1 (this is gryed out i.e. change disabled) and paste the same structure to tys_SC_1_full & tys_TG_1_full.
  Check the routine and save it.
  Hopefully it will solve your problem.
  Regards,
  Dipika

• How can I disable the Security Settings popup in Acrobat XI?

  We are currently using Acrobat X and are getting ready to upgrade to version XI. We dynamically set the security settings w/a button in the toolbar menu to secure documents. Works great. However, while testing the same functionality in version XI a popup always appears when this function is called. The settings are correct in the security setting popup but we do not need the popup to actually appear. Is there a way to disable the popup from appearing? It's confusing my users.
  Thanks in advance for your help.

  Adobe generally has quarterly updates for Acrobat/Reader. If they decide to fix this, I'd be surprised if it made the first one (January 2013?), so it would probably be more like April/July, but that's just a guess. When you submit the bug report, be sure to include how much this negatively affects your workflows and prevents you from upgrading.

• Error: The decapsulated inner packet doesn't match the negotiated policy in the SA

  I upgraded my ASA from 8.2(1) to 8.4(3) as I wanted to try to get Android devices to properly connect via VPN.
  After some effort, I was able to get the Android devices to connect via VPN.  However, my syslog server has a number of errors recorded that look this this:
  %ASA-4-402116: IPSEC: Received an ESP packet (SPI= 0x1E76EFA6, sequence number= 0x1F0) from x.x.x.x (user= testuser) to y.y.y.y.  The decapsulated inner packet doesn't match the negotiated policy in the SA.  The packet specifies its destination as z.z.z.z, its source as a.a.a.a, and its protocol as tcp.  The SA specifies its local proxy as y.y.y.y/255.255.255.255/udp/42246 and its remote_proxy as x.x.x.x/255.255.255.255/udp/0.
  Digging further, it seems this error might be due to a NAT issues with the VPN connections.  VPN previously worked with Cisco's VPN client on Windows, though I did not test to see if that is no longer working.  However, I made no changes in the config, except for those related to additions needed to support L2TP.  With the below config, Android clients can connect to the ASA and access the internal network, but they cannot connect to external addresses.  I'm at a loss.
  The addresses used in the config: 192.168.1.0/24 are on the internal LAN and 192.168.3.0/24 are addresses assigned to VPN clients.
  I noted in the config this line:
  access-list inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.0
  The access list is not referenced anywhere, though it was referenced in the 8.2(1) config like this:
  nat (inside) 0 access-list inside_nat0_outbound
  I'm not sure what else changed, but I've looked over the config and I just cannot see what the issue might be.  I'm hoping somebody might be able to point out my error.
  Here's the config file (at least the parts that might be of interest):
  : Saved
  ASA Version 8.4(3)
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.1.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address dhcp setroute
  boot system disk0:/asa843-k8.bin
  object network obj-192.168.3.0
  subnet 192.168.3.0 255.255.255.0
  object network obj_any
  subnet 0.0.0.0 0.0.0.0
  access-list outside_access_in extended permit icmp any interface outside time-exceeded
  access-list outside_access_in extended permit icmp any interface outside echo-reply
  access-list outside_access_in extended permit icmp any interface outside unreachable
  access-list outside_mpc extended permit ip any interface outside
  access-list inside_mpc extended permit ip 192.168.1.0 255.255.255.0 any
  access-list testVPN_splitTunnelAcl extended permit ip 192.168.1.0 255.255.255.0 any
  access-list inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.0
  ip local pool VPN-Pool-1 192.168.3.1-192.168.3.254 mask 255.255.255.0
  ip verify reverse-path interface outside
  nat (inside,any) source static any any destination static obj-192.168.3.0 obj-192.168.3.0 no-proxy-arp
  object network obj-192.168.3.0
  nat (outside,outside) dynamic interface
  object network obj_any
  nat (inside,outside) dynamic interface
  access-group outside_access_in in interface outside
  crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP mode transport
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP mode transport
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 10 set ikev1 transform-set ESP-AES-128-SHA-TRANSP ESP-3DES-SHA-TRANSP
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ikev1 enable outside
  crypto ikev1 policy 5
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 10
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  group-policy testVPN internal
  group-policy testVPN attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol ikev1
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value testVPN_splitTunnelAcl
  default-domain value test.us
  group-policy testVPNnsl2tp internal
  group-policy testVPNnsl2tp attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol l2tp-ipsec
  group-policy testVPNns internal
  group-policy testVPNns attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol ikev1
  username testuser password PASSWORD encrypted privilege 15
  username testuser2 password PASSWORD nt-encrypted privilege 15
  tunnel-group DefaultRAGroup general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group DefaultRAGroup ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group DefaultRAGroup ppp-attributes
  authentication ms-chap-v2
  tunnel-group testVPN type remote-access
  tunnel-group testVPN general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPN
  tunnel-group testVPN ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNns type remote-access
  tunnel-group testVPNns general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNns
  tunnel-group testVPNns ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNnsl2tp type remote-access
  tunnel-group testVPNnsl2tp general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group testVPNnsl2tp ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group testVPNnsl2tp ppp-attributes
  authentication ms-chap-v2
  One last question: in order to get the connection from Android to work, I was forced to use "tunnel-group DefaultRAGroup".  Is that actually a limitation, or did I make an error that forced that requirement?  I wanted to use "tunnel-group testVPNnsl2tp".
  Thanks!

  Chris,
  This is still a bit off the mark.  I think I might be confusing the issue by including some of the VPN configuration that I had previously installed and working (e.g., two other VPN tunnel groups with split tunneling on one of them).  Let's just remove that stuff from consideration.  I actually tested the current configs just to see if they are working since the upgrade.  testVPN is working with the split tunneling, but testVPNns (no-split tunneling) does not allow external access.  I guess there is a NAT config issue there, too, but not sure what it is, yet.  I've not investigated that closely.
  I want to solve one problem at a time, though I understand there are some interdependencies.
  What I'd like to focus on right now is just the L2TP VPN connection.
  From what I've been able to understand from the documentation, what I need are these lines:
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA-TRANSP mode transport
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA-TRANSP mode transport
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 10 set ikev1 transform-set ESP-AES-128-SHA-TRANSP ESP-3DES-SHA-TRANSP
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ikev1 enable outside
  group-policy testVPNnsl2tp internal
  group-policy testVPNnsl2tp attributes
  wins-server value 192.168.1.8
  dns-server value 192.168.1.8 192.168.1.4
  vpn-idle-timeout none
  vpn-tunnel-protocol l2tp-ipsec
  tunnel-group DefaultRAGroup general-attributes
  address-pool VPN-Pool-1
  default-group-policy testVPNnsl2tp
  tunnel-group DefaultRAGroup ipsec-attributes
  ikev1 pre-shared-key P74bmqL6rT40bl5
  tunnel-group DefaultRAGroup ppp-attributes
  authentication ms-chap-v2
  crypto ikev1 policy 5
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  I still want to assign the IP addresses to VPN clients out of 192.168.3.0/24.
  The tricky part is understanding exactly what NAT rules to insert and to avoid that error message I'm getting relatred to the encapsulated packets.  I tried to introduce the commands you had, but it's missing stuff that I would need for L2TP/IPSec (e.g., "mode transport").  I also don't think I want "pfs group5".  The above config "works" in that I get connected -- all negotiation is done.  It's just that packets from the VPN client are not able to go out to the Internet and I'm seeing that encapsulation error messages when I try to send a packet.
  Paul

• ZBF: Required to 'pass' icmp errors in the reverse direction ?

  Hi,
  I've noticed something when having some traffic inspected.
  Imagine you have a zone A and a zone B and a policy allowing all connection from A to B:
  class-map type inspect match-any cm_all
  match protocol icmp
  match protocol tcp
  match protocol udp
  policy-map type inspect pm_all
  class cm_all
    inspect
  zone-pair security zp_A_to_B source zone_A destination zone_B
  service-policy type inspect pm_all
  Now, it turns out that for everything to work as intended, you also need to all a reverse policy B to A that allows icmp errors to pass through.
  ip access-list extended acl_icmp_err
  permit icmp any any unreachable
  permit icmp any any ttl-exceeded
  ipv6 access-list acl_icmp6_err
  permit icmp any any unreachable
  permit icmp any any hop-limit
  permit icmp any any packet-too-big
  class-map type inspect match-all cm_icmp_err
  match protocol icmp
  match access-group name acl_icmp_err
  class-map type inspect match-all cm_icmp6_err
  match protocol icmp
  match access-group name acl_icmp6_err
  policy-map type inspect pm_icmp_err
    class cm_icmp_err
      pass
    class cm_icmp6_err
      pass
  zone-pair security zp_A_to_B source zone_A destination zone_B
  service-policy type inspect pm_icmp_err
  Without this, things like PMTU, traceroute, ... won't work.
  I would have expected that icmp errors "related" to a currently inspected sessions would be accepted in the return traffic, but that's apparently not the case.
  Can anyone comment on this ?
  Cheers,
      Sylvain

  WTF ??? The whole thread is gone ???

• TDS Connect Failure Error 17832 - Login Packet used to open the connection is structually invalid

  I have a package which uses TDS, Tabular Data Stream, to connect from a VAX VMS system to SQL server and it works for all flavors of SQL server. Except for one server. When I try to connect to this server the application gets disconnected after sending the
  Login 7.x message.  The server is running Windows 2008 R2 Standard, SP1, 64-bit and is in a domain.  SQL Server is 2008 R2 (10.50.4000).  SQL Server is configured for "SQL Server and Windows Authentication mode" in Server Properties,
  Security, Server authentication.  It is set to "allow remote connections to this server".  The TCP/IP Client Protocol is enabled in SQL Server Network Configuration, Protocols for MSSQLSERVER.  The SQL log shows 2 Logon source errors
  upon the connection attempt :
  Error: 17832, Severity 20, State 11.
  The login packet used to open the connection is structurally invalid; the connection has been closed.  Please contact the vendor of the client library.  [CLIENT: 172.19.20.122]
  I took a dump of the login packet from the client side package and included it here:
  Sending Login7.x message
  Sending PktTyp=10 LstPkt=01 PktNum=0001 PktSiz=00B8
  0000 b0 00 00 00 01 00 00 71 00 10 00 00 07 00 00 00
  0010 a8 00 00 00 00 00 00 00 e0 03 00 00 68 01 00 00
  0020 04 09 00 00 56 00 06 00 62 00 02 00 66 00 02 00
  0030 6a 00 06 00 76 00 0c 00 00 00 00 00 8e 00 0c 00
  0040 a6 00 00 00 a6 00 05 00 00 06 5b e4 96 08 00 00
  0050 00 00 b6 00 00 00 4c 00 54 00 56 00 56 00 53 00
  0060 42 00 51 00 41 00 b0 a5 b1 a5 47 00 41 00 4e 00
  0070 53 00 4b 00 45 00 69 00 68 00 65 00 2d 00 70 00
  0080 61 00 2d 00 73 00 71 00 6c 00 30 00 31 00 54 00
  0090 44 00 53 00 5f 00 53 00 45 00 52 00 56 00 49 00
  00a0 43 00 45 00 53 00 48 00 38 00 34 00 44 00 42 00
  0000        q                    h       V   b   f   j  
  v          
  0040           [           L T V V S B Q A     G A N S K E i h e - p
  0080 a - s q l 0 1 T D S _ S E R V I C E S H 8 4 D B
  I found other sites which discussed the connection ring buffers and so, I queried them for any information which might help:
  select cast(record as xml) xml_record from sys.dm_os_ring_buffers where ring_buffer_type = 'RING_BUFFER_CONNECTIVITY';
  xml_record:
  <Record id="53" type="RING_BUFFER_CONNECTIVITY" time="1697484630">
    <ConnectivityTraceRecord>
      <RecordType>ConnectionClose</RecordType>
      <RecordSource>Tds</RecordSource>
      <Spid>0</Spid>
      <SniConnectionId>32E3FDFC-2BF2-4EB8-82D2-AE05E73AFCBC</SniConnectionId>
      <SniProvider>7</SniProvider>
      <RemoteHost>172.19.20.122</RemoteHost>
      <RemotePort>1069</RemotePort>
      <LocalHost>156.144.249.81</LocalHost>
      <LocalPort>1433</LocalPort>
      <RecordTime>11/7/2014 15:13:42.729</RecordTime>
      <TdsBuffersInformation>
        <TdsInputBufferError>0</TdsInputBufferError>
        <TdsOutputBufferError>0</TdsOutputBufferError>
        <TdsInputBufferBytes>184</TdsInputBufferBytes>
      </TdsBuffersInformation>
      <TdsDisconnectFlags>
        <PhysicalConnectionIsKilled>0</PhysicalConnectionIsKilled>
        <DisconnectDueToReadError>0</DisconnectDueToReadError>
        <NetworkErrorFoundInInputStream>0</NetworkErrorFoundInInputStream>
        <ErrorFoundBeforeLogin>1</ErrorFoundBeforeLogin>
        <SessionIsKilled>0</SessionIsKilled>
        <NormalDisconnect>0</NormalDisconnect>
        <NormalLogout>0</NormalLogout>
      </TdsDisconnectFlags>
    </ConnectivityTraceRecord>
    <Stack>
      <frame id="0">0X0000000001E21F3B</frame>
      <frame id="1">0X0000000001E1EE4E</frame>
      <frame id="2">0X00000000010D2984</frame>
      <frame id="3">0X0000000000A8AB94</frame>
      <frame id="4">0X0000000000A8B05E</frame>
      <frame id="5">0X0000000000A8AD57</frame>
      <frame id="6">0X0000000000F651DE</frame>
      <frame id="7">0X0000000000F65395</frame>
      <frame id="8">0X0000000000F68925</frame>
      <frame id="9">0X0000000000F659D6</frame>
      <frame id="10">0X00000000755937D7</frame>
      <frame id="11">0X0000000075593894</frame>
      <frame id="12">0X00000000779159ED</frame>
      <frame id="13">0X0000000077B4C541</frame>
    </Stack>
  </Record>
  I feel the problem is in the configuration of the server's authentication which is requiring something beyond SQL server authentication.
  Any help would be appreciated.  Thanks in advance.

  One other item of note is the "SQL Server Network Configuration (32bit) "on this server is empty -- no "Protocols for MSSQLSERVER" branch like the 64-bit "SQL Server Network Configuration". 
  This is perfectly normal if all you have is a 64-bit instance on the machine. You would only see items here if you have a 32-bit server.
  The odd part is the Native Client Configuration shows up under (32bit) with Client Protocols...
  Yes, you always have a 32-bit client, which is to be used with 32-bit applications.
  In any case, whether server is 32-bit or 64-bit is immaterial when you connect.
  I'm afraid that I have not worked with TDS packets so that I can say what is wrong with this package, and I don't think I will try to read the TDS spec to say what the problem may be. But the issue seems to be that whatever you are using to create
  the TDS packets is not doing this fully correctly.
  Erland Sommarskog, SQL Server MVP, [email protected]

• The report server has encountered a configuration error. Logon failed for the unattended execution account. (rsServerConfigurationError) Log on failed. Ensure the user name and password are correct. (rsLogonFailed) Logon failure: unknown user name or bad

  The report server has encountered a configuration error. Logon failed for the unattended execution account. (rsServerConfigurationError)
  Log on failed. Ensure the user name and password are correct. (rsLogonFailed)
  Logon failure: unknown user name or bad password 
  am using Windows integrated security,version of my sql server 2008R2
  I have go throgh the different articuls, they have given different answers,
  So any one give me the  exact soluction for this problem,
  Using service account then i will get the soluction or what?
  pls help me out it is urgent based.
  Regards
  Thanks!

  Hi Ychinnari,
  I have tested on my local environment and can reproduce the issue, as
  Vaishu00547 mentioned that the issue can be caused by the Execution Account you have configured in the Reporting Services Configuration Manager is not correct, Please update the Username and Password and restart the reporting services.
  Please also find more details information about when to use the execution account, if possible,please also not specify this account:
  This account is used under special circumstances when other sources of credentials are not available:
  When the report server connects to a data source that does not require credentials. Examples of data sources that might not require credentials include XML documents and some client-side database applications.
  When the report server connects to another server to retrieve external image files or other resources that are referenced in a report.
  Execution Account (SSRS Native Mode)
  If you still have any problem, please feel free to ask.
  Regards
  Vicky Liu
  Vicky Liu
  TechNet Community Support