Someone must know what is wrong with my vpn client connection

[MichaelHLove]

Cannot VPN from desktop to server on internet. Is NOT router or other
straightforward problem. Is a problem in desktop build as same desktop
- new XP install connects fine. Cannot work with new XP install so
trying to fix old install to work with VPN.

Other on internet had this exact problem but I found no answer for it.

Trying to connect to VPN server either on internet or lan. I can see
pptp port outgoing from system process, nothing is incoming. vpn
connection sits and waits.

This is third time I am asking this and other VPN professionals here or
CS at MS cannot help me.

Someone must know the VPN process in XP back to front. How could I
compare reg entries between the two installs including the HKLM reg
entries?

Thank you.

 

[Robert L [MS-MVP]]

What's error code? also test it without other security program running, for example IPSec or prosafe.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Cannot VPN from desktop to server on internet. Is NOT router or other
straightforward problem. Is a problem in desktop build as same desktop
- new XP install connects fine. Cannot work with new XP install so
trying to fix old install to work with VPN.

Other on internet had this exact problem but I found no answer for it.

Trying to connect to VPN server either on internet or lan. I can see
pptp port outgoing from system process, nothing is incoming. vpn
connection sits and waits.

This is third time I am asking this and other VPN professionals here or
CS at MS cannot help me.

Someone must know the VPN process in XP back to front. How could I
compare reg entries between the two installs including the HKLM reg
entries?

Thank you.

 

[MichaelHLove]

Bob, you could not help me last week. I think we have investigated all
our options.
Thank you though, for your help.

 

[Janani [MSFT]]

Do you have any other VPN client software on this problematic machine?

--
Thanks,
Janani [MSFT]
http://blogs.msdn.com/jananiv

RRAS team blog : http://blogs.msdn.com/rrasblog

 

[MichaelHLove]

not any more.
I hae hamachi on it and secure tunnel which is ssh and not vpn.

 

[bawojcik]

I am seeing the same issue. I suspect it is one of the last set of
patches. We are trying to connect to a Watchguard Firebox

 

[Guest]

Might've said this already, but in case not, remeber that VPN require a
portmapping (1723) AND a special protocol (47) to be pointed at the server,
and allowed past the firewall. Usual thing is that people map the port but
miss the protocol, in which case you can logon but no data gets through.

BTW, I also find that SSH or Zebedee are far more reliable. VPN is cranky at
the best of times.

 

[Sooner Al [MVP]]

You can test both TCP Port 1723 and GRE Protocol 47 traffic through a
firewall/router. Look at the "PPTP Ping" and "VPN Traffic" sections on this
page...

http://www.microsoft.com/technet/community/columns/cableguy/cg0105.mspx

Personally I currently use OpenVPN (a free open source SSL VPN solution) to
securely access my home LAN from remote locations. I have a lot of links on
my small networking page including working examples of server, client and
PocketPC client configuration files...

http://theillustratednetwork.mvps.org/LAN/The_Illustrated_Network.html

I have used Secure Shell (SSH) in the past. In my case I used copSSH as my
SSH server on an XP Pro box. There are also links to SSH information on the
above referenced page...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

 

[MichaelHLove]

I cannot use openvpn. I need a pptp client and it seems the microsoft
one is the only one available for XP.
I have done more investigation.

I loaded XP onto another partition on the same desktop and it connected
to your VPN without a problem but I cannot discard my old XP
installation, so to that end, I have still been trying to figure out
what is going on.

I captured some packets and it seems that the desktop never goes beyond
acknowledging the "Start-Control-Connection-Reply", even though the
laptop does not acknowledge at this stage and instead goes to
"Outgoing-Call-Request."


Here is a network capture to show what I mean.

And here's hoping you can help me further.

DESKTOP
No. "Time" "Source" "Destination" "Protocol" "Info"
3 "0.250914" "192.168.2.4" "vpn2.findnot.com" "TCP" "1367 > pptp
[SYN] Seq=0 Ack=0 Win=64512 Len=0 MSS=1460"
4 "0.393033" "vpn2.findnot.com" "192.168.2.4" "TCP" "pptp > 1367
[SYN ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460"
5 "0.393155" "192.168.2.4" "vpn2.findnot.com" "PPTP"
"Start-Control-Connection-Request"
6 "0.536277" "vpn2.findnot.com" "192.168.2.4" "TCP" "pptp > 1367
[ACK] Seq=1 Ack=157 Win=6432 Len=0"
7 "0.537526" "vpn2.findnot.com" "192.168.2.4" "PPTP"
"Start-Control-Connection-Reply"
8 "0.690255" "192.168.2.4" "vpn2.findnot.com" "TCP" "1367 > pptp
[ACK] Seq=157 Ack=157 Win=64356 Len=0"

LAPTOP
No. "Time" "Source" "Destination" "Protocol" "Info"
1 "0.000000" "192.168.2.200" "vpn2.findnot.com" "TCP" "2810 > pptp
[SYN] Seq=0 Ack=0 Win=64512 Len=0 MSS=536"
2 "0.167624" "vpn2.findnot.com" "192.168.2.200" "TCP" "pptp > 2810
[SYN ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460"
3 "0.167926" "192.168.2.200" "vpn2.findnot.com" "PPTP"
"Start-Control-Connection-Request"
4 "0.319507" "vpn2.findnot.com" "192.168.2.200" "TCP" "pptp > 2810
[ACK] Seq=1 Ack=157 Win=6432 Len=0"
5 "0.323032" "vpn2.findnot.com" "192.168.2.200" "PPTP"
"Start-Control-Connection-Reply"
6 "0.323361" "192.168.2.200" "vpn2.findnot.com" "PPTP"
"Outgoing-Call-Request"
7 "0.478946" "vpn2.findnot.com" "192.168.2.200" "PPTP"
"Outgoing-Call-Reply"
8 "0.496139" "192.168.2.200" "vpn2.findnot.com" "PPTP"
"Set-Link-Info"

 

[MichaelHLove]

I cannot use openvpn. I need a pptp client and it seems the microsoft
one is the only one available for XP.
I have done more investigation.

I loaded XP onto another partition on the same desktop and it connected

to rhe VPN without a problem but I cannot discard my old XP
installation, so to that end, I have still been trying to figure out
what is going on.


I captured some packets and it seems that the desktop never goes beyond

acknowledging the "Start-Control-Connection-Reply", even though the
laptop does not acknowledge at this stage and instead goes to
"Outgoing-Call-Request."


Here is a network capture to show what I mean.


And here's hoping you can help me further.


DESKTOP
No. "Time" "Source" "Destination" "Protocol"
"Info"
3 "0.250914" "192.168.2.4" "vpn2.findnot.com"
"TCP" "1367 > pptp
[SYN] Seq=0 Ack=0 Win=64512 Len=0 MSS=1460"
4 "0.393033" "vpn2.findnot.com" "192.168.2.4"
"TCP" "pptp > 1367
[SYN ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460"
5 "0.393155" "192.168.2.4" "vpn2.findnot.com"
"PPTP"
"Start-Control-Connection-Request"
6 "0.536277" "vpn2.findnot.com" "192.168.2.4"
"TCP" "pptp > 1367
[ACK] Seq=1 Ack=157 Win=6432 Len=0"
7 "0.537526" "vpn2.findnot.com" "192.168.2.4"
"PPTP"
"Start-Control-Connection-Reply"
8 "0.690255" "192.168.2.4" "vpn2.findnot.com"
"TCP" "1367 > pptp
[ACK] Seq=157 Ack=157 Win=64356 Len=0"


LAPTOP
No. "Time" "Source" "Destination" "Protocol"
"Info"
1 "0.000000" "192.168.2.200" "vpn2.findnot.com"
"TCP" "2810 > pptp
[SYN] Seq=0 Ack=0 Win=64512 Len=0 MSS=536"
2 "0.167624" "vpn2.findnot.com" "192.168.2.200"
"TCP" "pptp > 2810
[SYN ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460"
3 "0.167926" "192.168.2.200" "vpn2.findnot.com"
"PPTP"
"Start-Control-Connection-Request"
4 "0.319507" "vpn2.findnot.com" "192.168.2.200"
"TCP" "pptp > 2810
[ACK] Seq=1 Ack=157 Win=6432 Len=0"
5 "0.323032" "vpn2.findnot.com" "192.168.2.200"
"PPTP"
"Start-Control-Connection-Reply"
6 "0.323361" "192.168.2.200" "vpn2.findnot.com"
"PPTP"
"Outgoing-Call-Request"
7 "0.478946" "vpn2.findnot.com" "192.168.2.200"
"PPTP"
"Outgoing-Call-Reply"
8 "0.496139" "192.168.2.200" "vpn2.findnot.com"
"PPTP"
"Set-Link-Info"

 

[bawojcik]

Thanks but that isn't it. I have definitely narrowed it down to a
Windows patch(es). Other machines connect fine. This machine will
connect if I remove patches and reboot several times. If I reapply the
patches and reboot several times it will not connect to any of my WG
firewalls....