PPTP connection issues

A

Alex Harrington

Hi

I'm using Windows 2000 to connect over the internet to a PPTP server.

I can connect fine (with MSCHAPv2 and 128bit encryption) and the
packetcounters go up just fine.

If I ping a host on the remote network (10.108.1.1), I see traffic going
out, and comming back via the packet counters, however I never get replies
to the "ping".

Running a packet sniffer on the remote end of the connection gives the
following:

05:53:47.082375 10.108.22.2 > 10.108.1.1: icmp: echo request
05:53:47.082410 10.108.1.1 > 10.108.22.2: icmp: echo reply
05:53:48.231031 10.108.22.2 > 10.108.1.1: icmp: echo request
05:53:48.231043 10.108.1.1 > 10.108.22.2: icmp: echo reply
05:53:49.731065 10.108.22.2 > 10.108.1.1: icmp: echo request
05:53:49.731076 10.108.1.1 > 10.108.22.2: icmp: echo reply
05:53:51.231373 10.108.22.2 > 10.108.1.1: icmp: echo request
05:53:51.231385 10.108.1.1 > 10.108.22.2: icmp: echo reply

so it would appear that my packets are reaching the network at the remote
end, and are being sent back through the PPTP connection to my PC.

Question then is why is ping saying "Request timed out".

The remote network is a class A (10.108.0.0/19 subnet 255.255.224.0) and the
PPP link when its up has addresses in the range 10.108.22.1-254 (ie within
the remote subnet). The remote PPTP server proxies ARP for VPN clients.

I've attached a copy of the routing table on my PC when the connection is
up.

Z:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 e0 18 ea a0 1b ...... ASUSTeK/Broadcom 440x 10/100
Integrated Co
ntroller
0x6000004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.109.1.100 10.109.1.210 1
10.0.0.0 255.0.0.0 10.108.22.2 10.108.22.2 1
10.108.22.2 255.255.255.255 127.0.0.1 127.0.0.1 1
10.109.0.0 255.255.224.0 10.109.1.210 10.109.1.210 1
10.109.1.210 255.255.255.255 127.0.0.1 127.0.0.1 1
10.255.255.255 255.255.255.255 10.108.22.2 10.108.22.2 1
10.255.255.255 255.255.255.255 10.109.1.210 10.109.1.210 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
217.155.238.235 255.255.255.255 10.109.1.100 10.109.1.210 1
224.0.0.0 224.0.0.0 10.108.22.2 10.108.22.2 1
224.0.0.0 224.0.0.0 10.109.1.210 10.109.1.210 1
255.255.255.255 255.255.255.255 10.109.1.210 10.109.1.210 1
Default Gateway: 10.109.1.100
===========================================================================
Persistent Routes:
None

and also the IP config

Z:\>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : titanium
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ASUSTeK/Broadcom 440x 10/100
Integra
ted Controller
Physical Address. . . . . . . . . : 00-E0-18-EA-A0-1B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.109.1.210
Subnet Mask . . . . . . . . . . . : 255.255.224.0
Default Gateway . . . . . . . . . : 10.109.1.100
DNS Servers . . . . . . . . . . . : 10.109.1.100

PPP adapter lh:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.108.22.2
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.108.1.56
10.108.1.56

My guess is that it is some kind of subnetting problem, but I've no idea
what or how to fix it.

Cheers

Alex
 
P

Phillip Windell

Verify your config with one of these first two articles. One is for
"Site-to-Site VPN", the other is for "Remote Access VPN". Use the one that
fits your situation.

Virtual Private Networking with Windows 2000: Deploying Router-to-Router
VPNs
http://www.microsoft.com/windows2000/server/evaluation/features/deplyr2rvpn.asp

Virtual Private Networking with Windows 2000: Deploying Remote Access VPNs
http://www.microsoft.com/windows2000/techinfo/planning/incremental/vpndeploy.asp

Here are some others that may be of interest....

Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site
VPNs
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/networking/vpndpls2.mspx

Microsoft Windows Server 2003 Remote Access/VPN Server Role
http://www.microsoft.com/technet/pr...3/serverroles/remoteaccessserver/default.mspx

Overview of Deploying Dial-up and VPN Remote Access Servers
http://www.microsoft.com/resources/...2003/all/deployguide/en-us/dnsbf_vpn_mcnx.asp
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top