PPTP in VPN Concentrator

Unanswered Question
Jan 21st, 2009
User Badges:

Dear all,

In VPN Concentrator,PPTP VPN connection, not get authentication, verifying user name & password, but when we connect through vpn client software, which is IPSEC/UDP, get connect on VPN concentrator, this happens suddenly. after some time it woking. so, we contucted a test from outside of the network, PPTP VPN is working, while comes from ISP is not. what could be cause.

prompt response is much appicate,

thanks & regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Yudong Wu Thu, 01/22/2009 - 11:08
User Badges:
  • Gold, 750 points or more

I guess your ISP might block PPTP port TCP/1723.

zakid Fri, 01/23/2009 - 03:44
User Badges:

many thanks..... for ur prompt reply, how could is possible, it is working from many years. how can i prove that is from ISP. could you explain, please

thanks & regards,

Yudong Wu Fri, 01/23/2009 - 07:44
User Badges:
  • Gold, 750 points or more

Since PPTP works OK when you tested on your outside network, this means that your PPTP configuration should be OK. That's why I am thinking it might be caused by your ISP blocking the port for PPTP. You might check the log on VPN concentrator and do a packet sniffer to find it out.

zakid Sun, 02/01/2009 - 11:18
User Badges:


dear, again the same problem happened. as you said, i snif the packet while traffic coming from ISP and as well as connecting through my Outside network. while analysing the packets several request, ack, ms chap authentication, login successful and compresed packet can see clearly, in through my outside network. while the analysing packet of isp, packet request, ack are fine, but ms chap authen & ppp LCP in not fine conversation, and again and again requesting. so i send to this management. but same time if there is any possible of upgrading IOS from 4.7 or any other recommendation,


awaiting for your response.


thanks & regards

JORGE RODRIGUEZ Sun, 02/01/2009 - 12:14
User Badges:
  • Green, 3000 points or more


Zak, I do agree with Kevin  .but  sounds you have ruled out ISP blocking PPTP with sniff results  but  to be completely sure you should from  outside  conduct a telnet test on port 1723  towards your VPN concentrator public IP address.


c:\telnet < VPN_gateway_outside_IP>  1723


if telnet test fails double check  PPTP is enabled under udner Configuration\System\PPTP 


if telnet test is successful I would suggest to double check    VPN PPTP  authentication protocols configuration under   System/Usermanager/Groups/VPN(internally Configure) and verify  authen protocols are in fact enabled .


The question would probably be  can any of your PPTP clients successfully connect at all?  or is it just a few clients unable to connect,   what are you using for authenticating your users   RADIUS  from MS-IAS  , is it possible some changes may have occor in RADIUS? 


If you can rule out  all these above we' could take different  troubleshooting approach.


Regards  

Yudong Wu Sun, 02/01/2009 - 20:38
User Badges:
  • Gold, 750 points or more

If your PPTP client works fine when it is in your outside network, I believe that your VPN concentator's configuration should be good. Is there any other device between your outside network and ISP? Remember you need open two ports for PPTP to work, one is TCP/1723 which is for PPTP control session and the other is GRE which is for data packets.

zakid Mon, 02/02/2009 - 03:48
User Badges:

many thanks for all your efforts,

I telnet vpn public address with port 1723, is opening the session, and i double with tunneling & security, PPTP is enabled. and i also double check GRE it also enabled. we can say almost it working more than 6 years, no changes at all from side.


Regards,

JORGE RODRIGUEZ Mon, 02/02/2009 - 16:26
User Badges:
  • Green, 3000 points or more

1- Can you post some real time vpn logs when PPTP client tries connecting.


2- When was the last time the unit was power clycle? you may want to try a reboot, save VPN configuration prior doing a reboot.


3- What version code are you running

zakid Sun, 04/05/2009 - 08:09
User Badges:

hi, really sorry for delay.... once it working for a while... we didn't care..

3.Current VER is 4.1.7 E

2.Last month.

zakid Thu, 04/09/2009 - 02:31
User Badges:

hi all,

Cisco Cotent Switch giving problem of intermittent connecting PPTP, we by pass the device, problem solved.

thanking all, for your efforts


thanks & regards,


Actions

This Discussion