PPTP Site-to-Site VPN problem

Discussion in 'Server Networking' started by Sergio Ricci, Oct 4, 2005.

  1. Sergio Ricci

    Sergio Ricci Guest

    Thanks Ian.

    I will try it and post back the results as soon as I can. As the servers
    need to be restarted for the registry changes to take effect I will need to
    carry out the task after hours.

    Sergio
     
    Sergio Ricci, Oct 7, 2005
    #21
    1. Advertisements

  2. Sergio Ricci

    Sergio Ricci Guest

    Bill,

    My apologies for giving out the incorrect info and causing confusion.

    The static routes on the RRAS servers were and actually are setup in the
    RRAS MMC using the wizard and *are* linked to the demand-dial interface.
    This is true for both servers.

    The routes I detailed below should not include the gateways as there is
    indeed no way to configure the gateway when linking static routes to demand
    dial interfaces. Adding this info was an error on my part.

    Thanks again for your time on this issue. I appreciate it.
    Sergio
     
    Sergio Ricci, Oct 7, 2005
    #22
    1. Advertisements

  3. Sergio Ricci

    Ian Guest

    As mentioned in my previous post - the changes in MTU behaviour occured
    in SP1 - Have you tried the hotfix?

    Bill's point is valid. The routes need to be setup as part of the
    creation of the link.
     
    Ian, Oct 7, 2005
    #23
  4. Sergio Ricci

    Sergio Ricci Guest

    Ian,

    I have installed hotfix KB898060-V2 on both RRAS server and restarted them.
    Unfortunately it does not appear to have resolved the issue.

    At this stage my next step will be to remove the hotfix and SP1 from both
    servers and test as suggested by Vincer.

    I will post back the results.

    Again, thank you for your time.
    Sergio
     
    Sergio Ricci, Oct 7, 2005
    #24
  5. Sergio Ricci

    Sergio Ricci Guest

    I removed SP1 from both RRAS servers after removing hotfix KB898060-V2 but
    unfortunately I *still* have the same issue.

    I've now re-installed SP1 as it's removal broke some other apps (nothing
    that I couldn't have resolved with a bit of time but as it didn't resolve
    the issue that this post is about I re-installed it).

    I've seen a post referring to a supported hotfix KB897651. It refers to
    Win2k3 servers that run ISA Server 2000 (not quite my setup as I don't
    currently have ISA server installed on any of these servers) but the
    symptoms are similar and at this stage I am willing to try and install this
    fix to see if it resolves my issue. As I need to call MS for the hotfix it
    will probably need to wait until next week.

    I'll post the results here.
    Thanks.
    Sergio
     
    Sergio Ricci, Oct 8, 2005
    #25
  6. Sergio Ricci

    Sergio Ricci Guest

    I opened a case with Microsoft and worked with one of their engineers who
    appears to have resolved the issue.

    In my case it appears that the issue was predominantly as a result of an
    inbound filter on both Windows 2003 Servers (remember that in my case both
    had SP1 installed). Having removed the filter and ensuring that all hosts
    default gateway point to the appropriate VPN server, it now appears to work
    although tests are on-going.

    To remove the inbound filter, here are the steps:
    1. Open RRAS management console.
    2. Double click the "Connections to Microsoft Routing and Remote Access
    Server" policy to open it Properties page.

    3. Click Edit Profile.

    4. Under the IP tab, click Input Filters.

    5. Remove the current filter and apply the changes.

    6. Perform the steps above for both VPN servers.

    7. You also need to disconnect the current VPN Demand-dial connection
    between the two VPN servers so that the new settings will take effect.

    8. Check if the problem disappears.

    Vincer: I'd be interested to know if this resolves your issue also.

    Thanks to all again.

    Sergio
     
    Sergio Ricci, Oct 12, 2005
    #26
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.