Pre Tunnel Event for VPN

Discussion in 'Windows Networking' started by Lee Jefferies, Sep 1, 2008.

  1. I am trying to get VPN to work with WS2008. I have created a
    Connection Manager and I turned on the Log. When I try to connect the
    system reports it is trying to validate the password and hangs there
    until it times out. The password is valid. I can use the VPN
    connection inside the LAN but am unsuccessful outside the LAN.

    I want to use PPTP and have configured my server firewall and client
    router to pass PPTP packets. The log shows that the Vista client is
    sending a Pre Tunnel packet which contains the UserName =, Domain =,
    DUNSetting =, and Tunnel DeviceName = WAN Miniport (SSTP). I think my
    problem is the SSTP and I'm not sure how to configure my Vista machine
    to use PPTP.

    Assistance will be greatly appreciated.
     
    Lee Jefferies, Sep 1, 2008
    #1
    1. Advertisements

  2. Lee Jefferies

    Bill Grant Guest

    You can force the client to use PPTP only (from the Networking tab). By
    default it is set to automatic. Click to get the dropdown list of options.
     
    Bill Grant, Sep 1, 2008
    #2
    1. Advertisements

  3. Lee Jefferies

    Bill Grant Guest

    You can configure the client to use PPTP only (from the networking tab
    of connection properties). By default it is set to Automatic. Click to get
    the dropdown list of options.
     
    Bill Grant, Sep 1, 2008
    #3
  4. Bill, thanks for your response. I presume that the WAN Miniport
    (SSTP) Device name is the name of the module and it is capable of
    processing SSTP and PPTP since I see PPTP packets in the trace. It
    was confusing. Remember this is WS2008.

    The Connection Manager for Vista does not contain the protocol drop
    down list. XP does. You can however set it when you create the Vista
    Connection Manager.

    I am having a time trying to understand the packets, but it loks like
    I have a certificate problem. Again thanks for your response.
     
    Lee Jefferies, Sep 2, 2008
    #4
  5. I said below I must have a certificate problem, but I recant. Here is
    a group of firewall log entries and I'm not sure how top figure them
    out. I see a GRE packet go through, then one is dropped. A little
    later ther are 8 drops, about 4 seconds apart. Can anyone tell me why
    these packets would be dropped when an earlier packet is allowed. I
    do notice that the tcpsyn is 0 on the allowed packet while it is 84 on
    the rejected packets.

    2008-09-02 20:04:00 ALLOW 47 12.21.244.103 192.168.1.10 - - 0 - - - -
    - - - RECEIVE
    2008-09-02 20:04:00 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
    2008-09-02 20:04:00 ALLOW ICMP 192.168.1.55 192.168.1.10 - - 0 - - - -
    8 0 - RECEIVE
    2008-09-02 20:04:03 ALLOW UDP 192.168.1.55 192.168.1.10 2583 389 0 - -
    - - - - - RECEIVE
    2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2584 135 0 - 0
    0 0 - - - RECEIVE
    2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2585 49155 0 -
    0 0 0 - - - RECEIVE
    2008-09-02 20:04:03 ALLOW UDP 192.168.1.55 192.168.1.10 2586 389 0 - -
    - - - - - RECEIVE
    2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2587 49158 0 -
    0 0 0 - - - RECEIVE
    2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2588 389 0 - 0
    0 0 - - - RECEIVE
    2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2589 389 0 - 0
    0 0 - - - RECEIVE
    2008-09-02 20:04:03 ALLOW ICMP 192.168.1.55 192.168.1.10 - - 0 - - - -
    8 0 - RECEIVE
    2008-09-02 20:04:03 ALLOW ICMP 192.168.1.55 192.168.1.10 - - 0 - - - -
    8 0 - RECEIVE
    2008-09-02 20:04:03 ALLOW TCP 192.168.1.55 192.168.1.10 2590 445 0 - 0
    0 0 - - - RECEIVE
    2008-09-02 20:04:04 ALLOW TCP 192.168.1.55 192.168.1.10 2588 389 0 - 0
    0 0 - - - RECEIVE
    2008-09-02 20:04:05 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
    2008-09-02 20:04:09 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
    2008-09-02 20:04:13 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
    2008-09-02 20:04:17 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
    2008-09-02 20:04:21 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
    2008-09-02 20:04:25 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
    2008-09-02 20:04:29 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
    2008-09-02 20:04:33 DROP 47 12.21.244.103 192.168.1.10 - - 84 - - - -
    - - - RECEIVE
     
    Lee Jefferies, Sep 3, 2008
    #5
  6. Lee Jefferies

    Bill Grant Guest

    I am not too sure where you looked, but it certainly works for me in
    Vista Business SP1. The only difference is that it includes sstp, which XP
    didn't!

    VPN Connection Properties | Networking tab.
    Top line reads "Type of VPN:"
    Second line is a dropdown list - default setting Automatic
     
    Bill Grant, Sep 3, 2008
    #6
  7. I am attaching a picture of my properties window.
     
    Lee Jefferies, Sep 3, 2008
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.