Re: Sometimes it works sometimes it doesn't (VPN data issues)

In news:1188941806.053045.301590@xxxxxxxxxxxxxxxxxxxxxxxxxxx,
trump26901@xxxxxxxxx <trump26901@xxxxxxxxx> typed:
I am running a windows2k3 SBS server behind a linksys firewall. I
have about three users that I would like to connect remotely using the
built in windows VPN. I have followed the recomended steps, made sure
the proper ports are opened, the server is configured correctly, and
everything seemed to be running perfectly.

Over the last few months, I've had numerous complaints about the
remote users having troubles connecting to our network. Aparently
they all can connect without an issue and work properly about 35% of
the time, but the rest, they time out waiting to verify user name and
password.

I figured this was a firewall issue blocking VPN data, but the problem
is that the firewall has been set to allow the proper ports open and
I've verified that it is indeed true (I"ve even switched firewalls,
but no luck).

The funny thing is that if I get the user to try and connect multiple
times as quick as possible by clicking cancel quickly after they see
the connection will stall and then starting the connection process
over, they can eventally connect in, but I"m sure this is exploiting
some bug as a potential security breach and either way, it is not an
efficient way to connect.

I also noticed that there are times when connected to the VPN that it
will timeout. What I mean is that the connection will still show as
active, but the data connection is effectively terminated and the
remote user is forced to disconnect and reconnect.

I have been playing around with this VPN problem at my house (with a
netgear router) and I"ve noticed that there are times I can connect
without an issue and other times it does not let me in, and about 1/2
the time I can't get in (even with the reconnect trick) I can unplug
my router at home, let it reset and then I can connect to the VPN.
While this is anoying, I have access to my router and can reset it,
but this same problem happens for users from hotels or other internet
connections where they don't have physical access to the router or its
settings.

I was under the impression that the intergrated VPN solution from MS
was a nice simple tool that was easily implimented. I have been very
pleased with it up until this point, but the data connection troubles
are getting to the point where I"m going to be forced to buy some
external VPN solution to make sure my users can always connect to our
business network.

Does anyone have an idea on what my problem is, I feel like my problem
is on the remote side, but it seems independant of all hardware/ISPs
so I"m thinking there must be some setting to change off the defaults
to allow the VPN to work without getting filtered on the remote side.

Your help is much appreciated.

Thanks,
Andrew

Two portrs need to be open to allow PPTP:
TCP 1723 (which is GRE)
Protocol ID #47 (not really a port, but rather a Protocol #)

Protocol ID #47 on a Linksys can be opened up by stipulating allowing "PPTP
Pass Through". I believe the same with a NetGear.

What ports did you allow in your router? Can you elaborate? Also, Bob asked
what error is the client side getting? Any errors on the server side in the
Event logs?


--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

Having difficulty reading or finding responses to your post?
Try using Outlook Express or any other newsreader, configure a news
account, and point it to news.microsoft.com. Anonymous access. It's
easy and it's free:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

"Life isn't like a box of chocolates or a bowl of cherries or
peaches... Life is more like a jar of jalapenos. What you do today
may burn your *** tomorrow." - Garfield


.