Hello!
I need your help, we have a server with a fixed IP that we use to access Terminal Services via a VPN connection. We have worked this way for more than a year and we had never had any problems with the VPN until yesterday.
When any user tries to connect to the VPN he gets an error message with code 806 if he is using vista or code 721 if he is using XP. According to the VPN connection window the clients can connect to the server but the verification of user name and password fails.
I know that the standard procedure in these cases is to check the router and firewall looking for any misconfiguration, but this is not the case because the connection would not had worked for one year if there were any misconfiguration.
According to one coworker our ISP is having a lot of problems with the service, and I am wondering if the cause of the problem could be related to our ISP.
Any help is appreciated
Thanks
Vikktor
Full Version: VPN problems
I think logically you have to check your VPN server, what is your VPN ? is it ISA or cisco or what ?
I'll agree with XP_2600 on the it's probable ISA or Cisco handling the VPN as I haven't seen anybody else with a working Vista VPN client ...(*Shrug*)... At any rate, the 2 error codes mentioned are:
VPN Error 721 - Remote PPP peer or computer is not responding
VPN Error 806 - a connection between your computer and the VPN server has been established but the VPN connection cannot be completed
Both of which imply either a hung box or line issues. Calling ones ISP to see if they thing they're having problems is usually a good palce to start on stuff like this. High latency (and lost packets) will still let you browse the web, but they'll kill a tunnel.
VPN Error 721 - Remote PPP peer or computer is not responding
VPN Error 806 - a connection between your computer and the VPN server has been established but the VPN connection cannot be completed
Both of which imply either a hung box or line issues. Calling ones ISP to see if they thing they're having problems is usually a good palce to start on stuff like this. High latency (and lost packets) will still let you browse the web, but they'll kill a tunnel.
QUOTE(XP_2600 @ Oct 17 2007, 04:34) 
I think logically you have to check your VPN server, what is your VPN ? is it ISA or cisco or what ?
Hi XP_2600, we are using a Windows 2003 Server with the Remote Access/VPN Role enabled
Yesterday I spoke with our ISP and they told me they are having some problems with some fixed IPs, but now I am suspecting that it is not their fault because when I ping the server I get the following:
Ping statistics for xxx.xx.xxx.xxx
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 87ms, Average = 86ms
and I also can connect to the XAMPP console when I type the server's IP in my browser.
As far as I know I should not be able to ping the server or connect to the XAMPP server running on it if it was an ISP issue, am I right?
You have to monitor your VPN server, to check where is the problem exactly, if you already tried to restart the service or even reboot the machine, and still have the problem, so mostly its an ISP problem, thats based on what you said about not changing any configuration in the server.
QUOTE(Vikktor @ Oct 17 2007, 10:14)
QUOTE(XP_2600 @ Oct 17 2007, 04:34)
I think logically you have to check your VPN server, what is your VPN ? is it ISA or cisco or what ?
Hi XP_2600, we are using a Windows 2003 Server with the Remote Access/VPN Role enabled
Yesterday I spoke with our ISP and they told me they are having some problems with some fixed IPs, but now I am suspecting that it is not their fault because when I ping the server I get the following:
Ping statistics for xxx.xx.xxx.xxx
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 86ms, Maximum = 87ms, Average = 86ms
and I also can connect to the XAMPP console when I type the server's IP in my browser.
As far as I know I should not be able to ping the server or connect to the XAMPP server running on it if it was an ISP issue, am I right?
Not Exactly, as neither action requires a fast, stable connection. And as you said nothing on the server has changed ... Event logs should be full of errors if the server was having a meltdown.
Successfully sending 4 32 byte ping packets only proves that none of the wires have been completely cut in half. The connection can still be useless for something like a VPN which requires a clean fat pipe to play in. Try sending continuous, unfragmented, 512 byte packets up that wire and see what that does. Chances are it will either start dropping them, spike the latency, or both (Which makes it a line/ISP issue).
PING -f -t -l 512 [TargeT IP]
QUOTE(XP_2600 @ Oct 17 2007, 10:07)
You have to monitor your VPN server, to check where is the problem exactly, if you already tried to restart the service or even reboot the machine, and still have the problem, so mostly its an ISP problem, thats based on what you said about not changing any configuration in the server.
I have already restarted the server and the problem continues.
QUOTE(Phonics Monkey @ Oct 17 2007, 11:14)
... Try sending continuous, unfragmented, 512 byte packets up that wire and see what that does. Chances are it will either start dropping them, spike the latency, or both (Which makes it a line/ISP issue).
PING -f -t -l 512 [TargeT IP]
I did what you told me, here are the results:
Ping statistics for xxx.xx.xxx.xxx:
Packets: Sent = 136, Received = 134, Lost = 2 (1% loss),
Approximate round trip times in milli-seconds:
Minimum = 116ms, Maximum = 496ms, Average = 191ms
The strange thing is that 30 min ago a user was able to connect to the VPN and when I saw that I tried to connect and was successful, but then I disconnected and tried to connect again and received error 721 again. The other user was disconnected soon after that.
I have already checked the event viewer looking for strange logs but as far as I am able to see there is nothing out of usual.
I also checked the router looking for a blocked port or protocol without luck.
On the other hand my ISP has been supposedly working on this issue since monday but the problem continues.
Is there any other thing I can try?
Thank you guys
ًWhats news ? did you get it working or not yet?
Hi guys, after one week of problems and given the fact that our ISP had not sorted the problem out, on Saturday we decided to connect the server to another fixed IP that we have in the office for the CCTV and everything went back to normal.
Thank you for all your help
Vikktor
Thank you for all your help
Vikktor
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.