PPTP & GRE problems?



hello folks,

i have a win2003 server that terminates PPTP sessions using routing and
remote access. clients are coming from the public internet through a
Cayman 3546 modem/router combo. up until a month ago things were
working fine. now clients get the Error 721 that is commonly related to
PPTP passthru and GRE support not being enabled on the router. i went
back and checked the router settings and followed the Netopia/Cayman
directions exactly:
but still no dice. the VPN connection from clients on the public
internet just hang at "Verifying username and password" then Error 721;
netstat on the server even reports an established connection on port
1723. OSX clients attempting to establish a VPN connection terminate
with "LCP: timeout sending Config-Requests. PPTP connections within the
LAN (bypassing the external router interface) work as they should.

i am starting to think that the latest Cayman 3546 firmware 6.4.0 R2
could be the culprit, but i can't be for sure because Netopia won't
provide older firmware images and the tech that begrudgingly spoke to
me said that downgrading the firmware is not supported (say what?).

the routing and remote access logs on the server don't provide any
clues and the router doesn't provide any feedback on what might be

does anybody have any suggestions on troubleshooting this? any help
would be appreciated.



I just recently had to replace an old DSL router with a Netopia 3346
and am experiencing the exact same problem. I also have a win2003 sbs
server with ISA running on it that terminated PPTP sessions and it
worked just fine up until the router change. Naturally my new router
is running the latest firmware...

I have been tinkering with the router config and Netopia seems to have
a "gateway terminated" VPN solution built into the router. It is
accessed under the IPSEC settings of the router. Here is an excerpt
from the router config screen....

Two separate mechanisms for IPSec tunnel support are provided by your
IPSec PassThrough supports VPN clients running on LAN-connected

o Disable this checkbox if your LAN-side VPN client includes its own
NAT interoperability solution.

o SafeHarbour is a keyed feature that enables Gateway-terminated VPN

Well, naturally the config screen won't seem to hold the setting of me
disabling the "safeHarbour" feature. It unclicks, but as soon as the
router config is saved and restarted, its on agan...

I'm calling netopia in the A.M.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question