I've got an interesting issue with PPTP, perhaps someone has a resolution?
Some of my users are complaining about PPTP connections from their work
laptops. when a domain* member laptop connects to the PPTP vpn they can use
web services, telnet, ping, RDP, and do almost everything except browse file
shares. When attempting to use a file share, the laptop stalls for long
periods and will eventually pop up a dialog asking for a username and
password, and reporting that logon through Kerberos failed.
By looking at a packet trace, I was able to see that the Kerberos requests
are being fragmented and parts dropped somewhere. The server responds to
each ticket request with an ICMP type 11 code 1, which is Fragment
Microsoft seems to think it has something to do with this:
http://support.microsoft.com/kb/292788 but the domain controller is 2003,
and the client is XP, so that hotfix does not apply.
I'm thinking the monowall might be the blocking entity here. Suggestions?
*yes, this is a Microsoft Active Directory. now is the part of the show
where you shoot at me for using Microsoft.
Thomas M. Bianco
Sr. Network Operations Technician