I said below I must have a certificate problem, but I recant. Here is
a group of firewall log entries and I'm not sure how top figure them
out. I see a GRE packet go through, then one is dropped. A little
later ther are 8 drops, about 4 seconds apart. Can anyone tell me why
these packets would be dropped when an earlier packet is allowed. I
do notice that the tcpsyn is 0 on the allowed packet while it is 84 on
the rejected packets.
2008-09-02 20:04:00 ALLOW 47 12.21.244.103 192.168.1.10 - - 0 - - - -
- - - RECEIVE
2008-09-02 20:04:00 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
2008-09-02 20:04:00 ALLOW ICMP 192.168.1.55 192.168.1.10 - - 0 - - - -
8 0 - RECEIVE
2008-09-02 20:04:03 ALLOW UDP 192.168.1.55 192.168.1.10 2583 389 0 - -
- - - - - RECEIVE
2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2584 135 0 - 0
0 0 - - - RECEIVE
2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2585 49155 0 -
0 0 0 - - - RECEIVE
2008-09-02 20:04:03 ALLOW UDP 192.168.1.55 192.168.1.10 2586 389 0 - -
- - - - - RECEIVE
2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2587 49158 0 -
0 0 0 - - - RECEIVE
2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2588 389 0 - 0
0 0 - - - RECEIVE
2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2589 389 0 - 0
0 0 - - - RECEIVE
2008-09-02 20:04:03 ALLOW ICMP 192.168.1.55 192.168.1.10 - - 0 - - - -
8 0 - RECEIVE
2008-09-02 20:04:03 ALLOW ICMP 192.168.1.55 192.168.1.10 - - 0 - - - -
8 0 - RECEIVE
2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2590 445 0 - 0
0 0 - - - RECEIVE
2008-09-02 20:04:04 ALLOW TCP 192.168.1.55 192.168.1.10 2588 389 0 - 0
0 0 - - - RECEIVE
2008-09-02 20:04:05 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
2008-09-02 20:04:09 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
2008-09-02 20:04:13 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
2008-09-02 20:04:17 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
2008-09-02 20:04:21 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
2008-09-02 20:04:25 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
2008-09-02 20:04:29 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
2008-09-02 20:04:33 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
- - - RECEIVE
>Bill, thanks for your response. I presume that the WAN Miniport
>(SSTP) Device name is the name of the module and it is capable of
>processing SSTP and PPTP since I see PPTP packets in the trace. It
>was confusing. Remember this is WS2008.
>
>The Connection Manager for Vista does not contain the protocol drop
>down list. XP does. You can however set it when you create the Vista
>Connection Manager.
>
>I am having a time trying to understand the packets, but it loks like
>I have a certificate problem. Again thanks for your response.
>
>
>>
>>"Lee Jefferies" <(E-Mail Removed)> wrote in message
>>news:(E-Mail Removed). ..
>>> I am trying to get VPN to work with WS2008. I have created a
>>> Connection Manager and I turned on the Log. When I try to connect the
>>> system reports it is trying to validate the password and hangs there
>>> until it times out. The password is valid. I can use the VPN
>>> connection inside the LAN but am unsuccessful outside the LAN.
>>>
>>> I want to use PPTP and have configured my server firewall and client
>>> router to pass PPTP packets. The log shows that the Vista client is
>>> sending a Pre Tunnel packet which contains the UserName =, Domain =,
>>> DUNSetting =, and Tunnel DeviceName = WAN Miniport (SSTP). I think my
>>> problem is the SSTP and I'm not sure how to configure my Vista machine
>>> to use PPTP.
>>>
>>> Assistance will be greatly appreciated.
>>
>> You can configure the client to use PPTP only (from the networking tab
>>of connection properties). By default it is set to Automatic. Click to get
>>the dropdown list of options.
>>
|
Similar Threads
Linear Mode
