TechRepublic|Forums|Networks

Networks

General discussion

  • Creator
    Topic
  • November 12, 2003 at 3:16 pm #2297613

    VPN problem

    Locked

    by robotechab · about 20 years, 5 months ago

    Have cable modem from Shaw with a Linksys BEFSR41 router. Worked for a few years but started to disconnect on and off dispite firmware updates, etc. Few few weeks ago our VPN stopped working. Tried multiple Linksys and DLINK routers with the exact same results. We have the following ports open:

    25: SMTP mail port forward to exchange – works
    80: HTTP port forwarded to web server – works
    1723: VPN – not working
    443: SSL – working

    Router has PPTP passthrough enabled.

    We have the Linksys router at a number of client sites that we support and the configuration is similar to what we have here. Had several of our techs looking at it including myself but have not been able to figure out the problem. Found Microsoft artical talking about a problem with VPN and this particular linksys router. Now running DLink DI-604 with same results. Ran port scan and the ports listed above are visible.

    Client receives:

    error 628: The connection was closed.

    Able to VPN internally just fine. Using PPTP only since L2TP will not work through these NAT routers. Suggestions in news groups have not pointed me to any solution to date.

    We keep our servers patched with latest SP and security updates from Microsoft.

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Comments

  • Author
    Replies
    • November 13, 2003 at 5:00 pm #2677393

      Reply To: VPN problem

      by singh · about 20 years, 5 months ago

      In reply to VPN problem

      Hi,
      I would suggest looking at the routing. This problem normally happens when the PPTP response is not sent back to the client after authentication. It could be possible that the ISP may have had a static route setup to route packets to a different ip or internalle someone may have setup a staic route on the srvr or router. Pls make sure you also not blocking ports on the switch by ip address
      Cheers

    • November 14, 2003 at 1:41 pm #2678571

      Reply To: VPN problem

      by ctmoore1998 · about 20 years, 5 months ago

      In reply to VPN problem

      First can you PING the IP address of the remote end? some ISP have been locking down ICMP traffic and it is used to initate VPN’s on most routers. If you can ping can you successfully traceroute to the remote? Your networks on each end have to be different ie your can’t vpn from 192.168.0.0 255.255.255.0 to 192.168.0.0 255.255.255.0 Also you want to exclude your vpn traffic from the NAT process. Next you need to verify that your encryption is properly configured. A lot of these SOHO boxes have configuration for remote and local SID’s I’ve found that I have the best luck if the SID equals the IP address, in fact on Netgear the VPN wouldn’t work unless they are set to the IP even though the directions say any alpha numeric value can be used.

      • November 18, 2003 at 9:46 am #2676619

        Reply To: VPN problem

        by robotechab · about 20 years, 5 months ago

        In reply to Reply To: VPN problem

        I’m trying to establish a VPN tunnel through the box. The box does not host VPN connections.

    • November 16, 2003 at 9:58 am #2680397

      Reply To: VPN problem

      by rasman · about 20 years, 5 months ago

      In reply to VPN problem

      You will need to setup netmon and trap the connection process. You can send me that information and I can take a look. If I had to guess I would go with MTU problem.
      Ras.

    • November 22, 2003 at 7:33 am #2673984

      Reply To: VPN problem

      by ctmoore1998 · about 20 years, 5 months ago

      In reply to VPN problem

      Get a NETGEAR FM813 router this supports router to router vpn is very easy to configure and maintain. Works great.

      • November 25, 2003 at 8:33 am #2675119

        Reply To: VPN problem

        by robotechab · about 20 years, 4 months ago

        In reply to Reply To: VPN problem

        I’m not trying to do router to router VPN. I’m trying to get laptops for my techs to establish a VPN connection through the router to a Windows 2000 server. All I need is the firewall to port forward the VPN traffic to the server. I’ve tried other hardware with the same results so the problem is in configuration somewhere.

    • December 24, 2003 at 6:30 am #2672659

      Reply To: VPN problem

      by ericb8276 · about 20 years, 3 months ago

      In reply to VPN problem

      I have setup the exact same thing using dlink 701 and a Windows 2000 server using rras. It works fine however these changes were made:
      Setup 1723 to nat to internal IP and W2K server had dhcp setup for 5 addresses outside the range of the dlink as not to get conflicts. I can remotely manage the router and get screen shots if you want.

    • April 28, 2004 at 7:07 am #2733234

      Reply To: VPN problem

      by robotechab · about 19 years, 11 months ago

      In reply to VPN problem

      This question was closed by the author

  • Author
    Replies
Viewing 5 reply threads