General discussion


RRAS only allows 1 VPN session

By jonhunt2 ·
I have a Windows 2003 Small Business server where I have configured PPTP VPN access. I opened the ports on the firewall and it seems to work fine - at least for the first session. Subsequent sessions are denied access with error 671 (I think that's right) - Host computer not responding. After 5-10 minutes after the first session logs off, another user will be able to establish a VPN connection. I have increased the number VPN ports from 5 PPTP to 15 - and up to 15 L2TP for good measure even though we're not using L2TP right now. What could be limiting my PPTP sessions to one at a time??


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by acattr In reply to RRAS only allows 1 VPN se ...

I've seen this happen many times before. Basically you have a pptp server is in site A. You have multiple pptp clients in site b. when one user in site b connects, other users in site b can't connect.

just a thought. Have you tried to see if a user in site b can connect when another user in site C is connected? I am sure it will work.

Most firewalls only allow one PPTP client at a time. The reason why, is because unlike other traffic, PPTP doesnt just use TCP connections. It also uses a protocol called GRE. Unlike TCP which can be natted so multiple users can make multiple connections. Only one GRE session is allowed per external IP address the firewall has. The way I resolved this on our firewalls(cisco pix at siteb) was to map an external ip address to each internal pptp client that needed to use vpn. That way each client will have GRE traffic forwarded to them.

I hope this was clear.

Collapse -

by jonhunt2 In reply to

Great! That sounds very logical and I'm sure that's what is happening. Thanks again for your input. :)

Collapse -

by jonhunt2 In reply to RRAS only allows 1 VPN se ...

This question was closed by the author

Related Discussions

Related Forums