[ previous ] [ next ] [ threads ]
 
 From:  William Arlofski <waa dash m0n0wall at revpol dot com>
 To:  "Chris L." <bm underscore pro at yahoo dot co dot uk>
 Cc:  Jason King <jking at informs dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Access remote PPTP server through Monowall?
 Date:  Thu, 29 Sep 2005 09:51:54 -0400 
Chris L. wrote:
> VPN PPTP server using the XP client..the connection
> >stops while saying "Verifying Username and
> >password..".
> >Eventually expires and says that there is no


Chris... With PPTP you can not have more than ONE outgoing connection
through a NATted connection.

If you have (2) XP Machines A and B inside your LAN making the PPTP
connection to the remote site, and everything is working OK, the FIRST
will work and the second will exhibit the time out issue you explain above.

Once the first machine disconnects and the remote PPTP server times out
the connection you will be able to connet form a second location from
inside your LAN.

Is it possible that another machine has opened a PPTP conection to the
remote site before you can attempt with your machine?

BTW, I experienced this exact problem a while back, but the clients were
MAC OSX - The problem is with PPTP and NAT, not XP, or Mac etc...

Even if this is not your problem now, it may well become your NEXT
problem once you solve whatever is stopping your outgoing PPTP
connections (if you have more than one PPTP client behind NAT)

Bill Arlofski




Chris L. wrote:
> Hi Jason,
> 
> Thank you for the reply.
> 
> Some clarifications:
> 
> 1)I'm the admin in both sites.
> 2)The VPN I'm trying to access is outside my LAN
> (remote location).
> 3)Accessing that VPN from elsewhere gives me no
> problems at all. Hence I don't have any IP
> restrictions on that VPN.
> The remote site VPN is based on a VIGOR 2600VG router:
> http://www.draytek.co.uk/products/vigor2600v.html
> 
> 4) On my site (@work) I have monowall with a very
> basic configuration. Only a couple of open ports for
> some applications and that's about it.
> I haven't specifically instructed monowall to do
> egress filtering.
> Version: 1.1 
> 
> My XP client is not on DMZ. It's just one of the hosts
> that belong to the main LAN subnet.
> 
> I believe that PPTP request is reaching the remote
> site but it cannot receive back a response from it.
> This must be true because when I'connecting from home
> the XP client works perfect.
> At home there is only a router with NO Firewall.
> Simple NAT setup...BUT I have enabled the option "VPN
> Passthrough".
> 
> I presume that opening some ports will solve it.
> 
> Chris
> 
> 
> --- Jason King <jking at informs dot com> wrote:
> 
> 
>>First, the VPN you are trying to get to from behind
>>the m0n0wall. Are
>>you trying to connect to the m0n0wall VPN or another
>>VPN outside your
>>LAN? Second, if you are not getting a response from
>>the assumed REMOTE
>>VPN, make sure you are not egress filtering. Most
>>firewalls are set to
>>allow all traffic from the LAN segment to go
>>anywhere on any port. Just
>>make sure that is what you have running. If you
>>think your XP client
>>might be on the DMZ side, you may be doing some
>>egress filtering there.
>>Lastly, the remote VPN might be doing filtering and
>>may be blocking your
>>request if you are not coming from the correct IP
>>address. Double check
>>that with the remote VPN admin.
>>
>>Jason
>>
>>Chris L. wrote:
>>
>>
>>>Hi people,
>>>
>>>I am really sorry if this has been answered in the
>>>past. I tried to find information regarding this
>>
>>issue
>>
>>>but I was unsuccessful.
>>>
>>>The problem:
>>>I have a monowall server at work (with also acts as
>>
>>a
>>
>>>PPTP server with predefined users and works very
>>
>>well.
>>
>>>Users can dial in to our company's network without
>>
>>any
>>
>>>problem.
>>>
>>>When I am trying to dial (behind monowall) to
>>
>>remote
>>
>>>VPN PPTP server using the XP client..the connection
>>>stops while saying "Verifying Username and
>>>password..".
>>>Eventually expires and says that there is no
>>
>>response
>>>from the remote end.
>>
>>>The remote PPTP server works well if I try to
>>
>>connect
>>>from home (no firewall at all-just a router which
>>
>>>allows VPN Passthrough).
>>>
>>>It's been 3 days now and I can't figure out why. I
>>
>>am
>>
>>>not a networks expert but I've solved previous
>>>monowall problems with ease....but not this one!
>>>
>>>Please help!
>>>
>>>Many thanks,
>>>
>>>Chris
>>>
>>>
>>>
>>>		
>>
>>___________________________________________________________
>>
>>
>>>How much free photo storage do you get? Store your
>>
>>holiday 
>>
>>>snaps for FREE with Yahoo! Photos
>>
>>http://uk.photos.yahoo.com
>>
>>---------------------------------------------------------------------
>>
>>>To unsubscribe, e-mail:
>>
>>m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>
>>>For additional commands, e-mail:
>>
>>m0n0wall dash help at lists dot m0n0 dot ch
>>
>>> 
>>>
>>
>>
> ---------------------------------------------------------------------
> 
>>To unsubscribe, e-mail:
>>m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>For additional commands, e-mail:
>>m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
> 
> 
> 
> 
> 		
> ___________________________________________________________ 
> How much free photo storage do you get? Store your holiday 
> snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>