subject:"RE\: VPN issue..."

RE: VPN issue...

2002-05-23 Thread John Matteson


IPsec cannot be used through a router that NAT's the packets. The NAT'ing
hoses things on the packet.

John Matteson; Exchange Manager 
Geac Corporate Infrastructure Systems and Standards 
(404) 239 - 2981

Defeat is a state of mind. No one is ever defeated until defeat has been
accepted as a reality. To me, defeat in anything is merely temporary, and
its punishment is but an urge for me to greater effort to achieve my goal.
Defeat simply tells me that something is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee



-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:11 PM
To: Exchange Discussions
Subject: VPN issue...




Hi All,
Please check this out... we have a pix firewall in our office with a
frame-relay connection... at the branch office we are connected Via an ADSL
Lucent Cell pipe router... All the configurations on the router were done by
the service provider and he informed us to use the default gateway of
192.168.0.10 for our LAN there... now the problem is that we cannot
establish a PPTP connection between the firewall and the Win 2K clients thru
the ADSL and the LAN ... but when we use dial up coonections and use the
services of the same ISP... we can establish  the VPN connection...
At the firewall end I can see that the client gets connected for some time..
and then is disconnected... on the client side I see the dialg that the
machine is trying to connect to the remote host.. then says.. verifying
username and password and then after some time I get the error that says...
The L2TP connection attempt failed becasue the security layer encountered a
processing error during initial negotiations with the remote computer

Actually this LAN is being set up by a Novice.. but very Enthusiast .. Sys
Admin .. from our branch office.. and so far he had been telling me that the
remote client only attempts to connect to the firewall... he gets the
verifying username and password screen and then it tels him that the
username and the password is bad... .. till I had to force him to allow me
to use PCANywhere and dial into one of the clients... and check myself what
was happening from that end.. when I noticed this...
I feel that this has to do with ... the Win 2000 domain security... I feel
that he has set up the domain and all the machines there on the network to
be forced to use IPSec and since the IPSec policy is being applied to the
LAN cards... but not to the dial up modem interfaces.. I am getting the
error mentioned But if you guys can help me with this.,... please do.. 

I get the error 789 on the Win 2K server.. where in I set up the machine for
PPTP with secure connection as an option.. since the firewall has been set
up at the moment to allow PPTP connections I have myself treid it out on
a ADSL connection .. but from a different Service provider and it appears to
work fine...
CAN it be a NAT issue... but logically again.. I feel it is not.. since I
have configured for a WIndows RRAS server... on a LAN with an ADSL
connection and have succesfully established a VPN conneciton from all the
clients ... .. so I feel that the NATtting is not an issue here... unless
this ISP is blocking some ports.. 
Can some one please throw more light on this
Regards

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: VPN issue...

2002-05-23 Thread Muqeem Syed

But I am using a PPTP.. and I have had a test environ where in a Win 2K machine was a 
\RRAS server and all the clients were able to connect from behind the RRAS server.. 
which was connected to the ADSL

-Original Message-
From: John Matteson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 7:23 PM
To: Exchange Discussions
Subject: RE: VPN issue...

IPsec cannot be used through a router that NAT's the packets. The NAT'ing
hoses things on the packet.

John Matteson; Exchange Manager 
Geac Corporate Infrastructure Systems and Standards 
(404) 239 - 2981

Defeat is a state of mind. No one is ever defeated until defeat has been
accepted as a reality. To me, defeat in anything is merely temporary, and
its punishment is but an urge for me to greater effort to achieve my goal.
Defeat simply tells me that something is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee

-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:11 PM
To: Exchange Discussions
Subject: VPN issue...

Hi All,
Please check this out... we have a pix firewall in our office with a
frame-relay connection... at the branch office we are connected Via an ADSL
Lucent Cell pipe router... All the configurations on the router were done by
the service provider and he informed us to use the default gateway of
192.168.0.10 for our LAN there... now the problem is that we cannot
establish a PPTP connection between the firewall and the Win 2K clients thru
the ADSL and the LAN ... but when we use dial up coonections and use the
services of the same ISP... we can establish  the VPN connection...
At the firewall end I can see that the client gets connected for some time..
and then is disconnected... on the client side I see the dialg that the
machine is trying to connect to the remote host.. then says.. verifying
username and password and then after some time I get the error that says...
The L2TP connection attempt failed becasue the security layer encountered a
processing error during initial negotiations with the remote computer

Actually this LAN is being set up by a Novice.. but very Enthusiast .. Sys
Admin .. from our branch office.. and so far he had been telling me that the
remote client only attempts to connect to the firewall... he gets the
verifying username and password screen and then it tels him that the
username and the password is bad... .. till I had to force him to allow me
to use PCANywhere and dial into one of the clients... and check myself what
was happening from that end.. when I noticed this...
I feel that this has to do with ... the Win 2000 domain security... I feel
that he has set up the domain and all the machines there on the network to
be forced to use IPSec and since the IPSec policy is being applied to the
LAN cards... but not to the dial up modem interfaces.. I am getting the
error mentioned But if you guys can help me with this.,... please do.. 

I get the error 789 on the Win 2K server.. where in I set up the machine for
PPTP with secure connection as an option.. since the firewall has been set
up at the moment to allow PPTP connections I have myself treid it out on
a ADSL connection .. but from a different Service provider and it appears to
work fine...
CAN it be a NAT issue... but logically again.. I feel it is not.. since I
have configured for a WIndows RRAS server... on a LAN with an ADSL
connection and have succesfully established a VPN conneciton from all the
clients ... .. so I feel that the NATtting is not an issue here... unless
this ISP is blocking some ports.. 
Can some one please throw more light on this
Regards

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: VPN issue...

2002-05-23 Thread missy koslosky

PPTP != IPSec  -- but you say the L2TP connection failed - L2TP can (and
probably is) use IPSec.
- Original Message -
From: Muqeem Syed [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Sent: Thursday, May 23, 2002 12:35 PM
Subject: RE: VPN issue...

But I am using a PPTP.. and I have had a test environ where in a Win 2K
machine was a \RRAS server and all the clients were able to connect from
behind the RRAS server.. which was connected to the ADSL

-Original Message-
From: John Matteson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 7:23 PM
To: Exchange Discussions
Subject: RE: VPN issue...

IPsec cannot be used through a router that NAT's the packets. The
NAT'ing
hoses things on the packet.

John Matteson; Exchange Manager
Geac Corporate Infrastructure Systems and Standards
(404) 239 - 2981

Defeat is a state of mind. No one is ever defeated until defeat has been
accepted as a reality. To me, defeat in anything is merely temporary,
and
its punishment is but an urge for me to greater effort to achieve my
goal.
Defeat simply tells me that something is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee

-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:11 PM
To: Exchange Discussions
Subject: VPN issue...

Hi All,
Please check this out... we have a pix firewall in our office with a
frame-relay connection... at the branch office we are connected Via an
ADSL
Lucent Cell pipe router... All the configurations on the router were
done by
the service provider and he informed us to use the default gateway
of
192.168.0.10 for our LAN there... now the problem is that we cannot
establish a PPTP connection between the firewall and the Win 2K clients
thru
the ADSL and the LAN ... but when we use dial up coonections and use the
services of the same ISP... we can establish  the VPN connection...
At the firewall end I can see that the client gets connected for some
time..
and then is disconnected... on the client side I see the dialg that the
machine is trying to connect to the remote host.. then says.. verifying
username and password and then after some time I get the error that
says...
The L2TP connection attempt failed becasue the security layer
encountered a
processing error during initial negotiations with the remote
computer

Actually this LAN is being set up by a Novice.. but very Enthusiast ..
Sys
Admin .. from our branch office.. and so far he had been telling me that
the
remote client only attempts to connect to the firewall... he gets the
verifying username and password screen and then it tels him that the
username and the password is bad... .. till I had to force him to allow
me
to use PCANywhere and dial into one of the clients... and check myself
what
was happening from that end.. when I noticed this...
I feel that this has to do with ... the Win 2000 domain security... I
feel
that he has set up the domain and all the machines there on the network
to
be forced to use IPSec and since the IPSec policy is being applied to
the
LAN cards... but not to the dial up modem interfaces.. I am getting the
error mentioned But if you guys can help me with this.,... please
do..

I get the error 789 on the Win 2K server.. where in I set up the machine
for
PPTP with secure connection as an option.. since the firewall has been
set
up at the moment to allow PPTP connections I have myself treid it
out on
a ADSL connection .. but from a different Service provider and it
appears to
work fine...
CAN it be a NAT issue... but logically again.. I feel it is not.. since
I
have configured for a WIndows RRAS server... on a LAN with an ADSL
connection and have succesfully established a VPN conneciton from all
the
clients ... .. so I feel that the NATtting is not an issue here...
unless
this ISP is blocking some ports..
Can some one please throw more light on this
Regards

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http

RE: VPN issue...

2002-05-23 Thread Aaron Brasslett

But PPTP can.  Who said anything about IPSec?

-Original Message-
From: John Matteson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:23 PM
To: Exchange Discussions
Subject: RE: VPN issue...

IPsec cannot be used through a router that NAT's the packets. The NAT'ing
hoses things on the packet.

John Matteson; Exchange Manager 
Geac Corporate Infrastructure Systems and Standards 
(404) 239 - 2981

Defeat is a state of mind. No one is ever defeated until defeat has been
accepted as a reality. To me, defeat in anything is merely temporary, and
its punishment is but an urge for me to greater effort to achieve my goal.
Defeat simply tells me that something is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee

-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:11 PM
To: Exchange Discussions
Subject: VPN issue...

Hi All,
Please check this out... we have a pix firewall in our office with a
frame-relay connection... at the branch office we are connected Via an ADSL
Lucent Cell pipe router... All the configurations on the router were done by
the service provider and he informed us to use the default gateway of
192.168.0.10 for our LAN there... now the problem is that we cannot
establish a PPTP connection between the firewall and the Win 2K clients thru
the ADSL and the LAN ... but when we use dial up coonections and use the
services of the same ISP... we can establish  the VPN connection...
At the firewall end I can see that the client gets connected for some time..
and then is disconnected... on the client side I see the dialg that the
machine is trying to connect to the remote host.. then says.. verifying
username and password and then after some time I get the error that says...
The L2TP connection attempt failed becasue the security layer encountered a
processing error during initial negotiations with the remote computer

Actually this LAN is being set up by a Novice.. but very Enthusiast .. Sys
Admin .. from our branch office.. and so far he had been telling me that the
remote client only attempts to connect to the firewall... he gets the
verifying username and password screen and then it tels him that the
username and the password is bad... .. till I had to force him to allow me
to use PCANywhere and dial into one of the clients... and check myself what
was happening from that end.. when I noticed this...
I feel that this has to do with ... the Win 2000 domain security... I feel
that he has set up the domain and all the machines there on the network to
be forced to use IPSec and since the IPSec policy is being applied to the
LAN cards... but not to the dial up modem interfaces.. I am getting the
error mentioned But if you guys can help me with this.,... please do.. 

I get the error 789 on the Win 2K server.. where in I set up the machine for
PPTP with secure connection as an option.. since the firewall has been set
up at the moment to allow PPTP connections I have myself treid it out on
a ADSL connection .. but from a different Service provider and it appears to
work fine...
CAN it be a NAT issue... but logically again.. I feel it is not.. since I
have configured for a WIndows RRAS server... on a LAN with an ADSL
connection and have succesfully established a VPN conneciton from all the
clients ... .. so I feel that the NATtting is not an issue here... unless
this ISP is blocking some ports.. 
Can some one please throw more light on this
Regards

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: VPN issue...

2002-05-23 Thread Muqeem Syed


Yeah Aaron but the problem you see... for some reason... it is not working on the 
ADSL... and that too only from Sharjah... but I have myself tested it out in CYprus 
with a local ISP and ADSL here and had a win 2K server with 3 clients behind it.. and 
the Win 2K server as a RRAS .. and all the clients could get on to the VPN.. do u 
think it is an issye with the Lucent router.. 

-Original Message-
From: Aaron Brasslett [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 7:42 PM
To: Exchange Discussions
Subject: RE: VPN issue...


But PPTP can.  Who said anything about IPSec?

-Original Message-
From: John Matteson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:23 PM
To: Exchange Discussions
Subject: RE: VPN issue...


IPsec cannot be used through a router that NAT's the packets. The NAT'ing
hoses things on the packet.

John Matteson; Exchange Manager 
Geac Corporate Infrastructure Systems and Standards 
(404) 239 - 2981

Defeat is a state of mind. No one is ever defeated until defeat has been
accepted as a reality. To me, defeat in anything is merely temporary, and
its punishment is but an urge for me to greater effort to achieve my goal.
Defeat simply tells me that something is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee



-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:11 PM
To: Exchange Discussions
Subject: VPN issue...




Hi All,
Please check this out... we have a pix firewall in our office with a
frame-relay connection... at the branch office we are connected Via an ADSL
Lucent Cell pipe router... All the configurations on the router were done by
the service provider and he informed us to use the default gateway of
192.168.0.10 for our LAN there... now the problem is that we cannot
establish a PPTP connection between the firewall and the Win 2K clients thru
the ADSL and the LAN ... but when we use dial up coonections and use the
services of the same ISP... we can establish  the VPN connection...
At the firewall end I can see that the client gets connected for some time..
and then is disconnected... on the client side I see the dialg that the
machine is trying to connect to the remote host.. then says.. verifying
username and password and then after some time I get the error that says...
The L2TP connection attempt failed becasue the security layer encountered a
processing error during initial negotiations with the remote computer

Actually this LAN is being set up by a Novice.. but very Enthusiast .. Sys
Admin .. from our branch office.. and so far he had been telling me that the
remote client only attempts to connect to the firewall... he gets the
verifying username and password screen and then it tels him that the
username and the password is bad... .. till I had to force him to allow me
to use PCANywhere and dial into one of the clients... and check myself what
was happening from that end.. when I noticed this...
I feel that this has to do with ... the Win 2000 domain security... I feel
that he has set up the domain and all the machines there on the network to
be forced to use IPSec and since the IPSec policy is being applied to the
LAN cards... but not to the dial up modem interfaces.. I am getting the
error mentioned But if you guys can help me with this.,... please do.. 

I get the error 789 on the Win 2K server.. where in I set up the machine for
PPTP with secure connection as an option.. since the firewall has been set
up at the moment to allow PPTP connections I have myself treid it out on
a ADSL connection .. but from a different Service provider and it appears to
work fine...
CAN it be a NAT issue... but logically again.. I feel it is not.. since I
have configured for a WIndows RRAS server... on a LAN with an ADSL
connection and have succesfully established a VPN conneciton from all the
clients ... .. so I feel that the NATtting is not an issue here... unless
this ISP is blocking some ports.. 
Can some one please throw more light on this
Regards

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED

RE: VPN issue...

2002-05-23 Thread Aaron Brasslett


Possibly a problem with the ADSL router... some routers don't pass PPTP
packets properly.  Upgrade it to the latest firmware.

Also, your ADSL ISP may be blocking PPTP protocol... wouldn't be the first
time I've seem ADSL providers blocking VPN ports.

Aaron

-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:45 PM
To: Exchange Discussions
Subject: RE: VPN issue...


Yeah Aaron but the problem you see... for some reason... it is not
working on the ADSL... and that too only from Sharjah... but I have myself
tested it out in CYprus with a local ISP and ADSL here and had a win 2K
server with 3 clients behind it.. and the Win 2K server as a RRAS .. and all
the clients could get on to the VPN.. do u think it is an issye with the
Lucent router.. 

-Original Message-
From: Aaron Brasslett [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 7:42 PM
To: Exchange Discussions
Subject: RE: VPN issue...


But PPTP can.  Who said anything about IPSec?

-Original Message-
From: John Matteson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:23 PM
To: Exchange Discussions
Subject: RE: VPN issue...


IPsec cannot be used through a router that NAT's the packets. The NAT'ing
hoses things on the packet.

John Matteson; Exchange Manager 
Geac Corporate Infrastructure Systems and Standards 
(404) 239 - 2981

Defeat is a state of mind. No one is ever defeated until defeat has been
accepted as a reality. To me, defeat in anything is merely temporary, and
its punishment is but an urge for me to greater effort to achieve my goal.
Defeat simply tells me that something is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee



-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:11 PM
To: Exchange Discussions
Subject: VPN issue...




Hi All,
Please check this out... we have a pix firewall in our office with a
frame-relay connection... at the branch office we are connected Via an ADSL
Lucent Cell pipe router... All the configurations on the router were done by
the service provider and he informed us to use the default gateway of
192.168.0.10 for our LAN there... now the problem is that we cannot
establish a PPTP connection between the firewall and the Win 2K clients thru
the ADSL and the LAN ... but when we use dial up coonections and use the
services of the same ISP... we can establish  the VPN connection...
At the firewall end I can see that the client gets connected for some time..
and then is disconnected... on the client side I see the dialg that the
machine is trying to connect to the remote host.. then says.. verifying
username and password and then after some time I get the error that says...
The L2TP connection attempt failed becasue the security layer encountered a
processing error during initial negotiations with the remote computer

Actually this LAN is being set up by a Novice.. but very Enthusiast .. Sys
Admin .. from our branch office.. and so far he had been telling me that the
remote client only attempts to connect to the firewall... he gets the
verifying username and password screen and then it tels him that the
username and the password is bad... .. till I had to force him to allow me
to use PCANywhere and dial into one of the clients... and check myself what
was happening from that end.. when I noticed this...
I feel that this has to do with ... the Win 2000 domain security... I feel
that he has set up the domain and all the machines there on the network to
be forced to use IPSec and since the IPSec policy is being applied to the
LAN cards... but not to the dial up modem interfaces.. I am getting the
error mentioned But if you guys can help me with this.,... please do.. 

I get the error 789 on the Win 2K server.. where in I set up the machine for
PPTP with secure connection as an option.. since the firewall has been set
up at the moment to allow PPTP connections I have myself treid it out on
a ADSL connection .. but from a different Service provider and it appears to
work fine...
CAN it be a NAT issue... but logically again.. I feel it is not.. since I
have configured for a WIndows RRAS server... on a LAN with an ADSL
connection and have succesfully established a VPN conneciton from all the
clients ... .. so I feel that the NATtting is not an issue here... unless
this ISP is blocking some ports.. 
Can some one please throw more light on this
Regards

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp

RE: VPN issue...

2002-05-23 Thread Muqeem Syed

Thats what I was wondering too... but it is the same ISP who is providing the office 
there with a Dial up conneciton as well.. and it seems to work fine

-Original Message-
From: Aaron Brasslett [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 7:50 PM
To: Exchange Discussions
Subject: RE: VPN issue...

Possibly a problem with the ADSL router... some routers don't pass PPTP
packets properly.  Upgrade it to the latest firmware.

Also, your ADSL ISP may be blocking PPTP protocol... wouldn't be the first
time I've seem ADSL providers blocking VPN ports.

Aaron

-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:45 PM
To: Exchange Discussions
Subject: RE: VPN issue...

Yeah Aaron but the problem you see... for some reason... it is not
working on the ADSL... and that too only from Sharjah... but I have myself
tested it out in CYprus with a local ISP and ADSL here and had a win 2K
server with 3 clients behind it.. and the Win 2K server as a RRAS .. and all
the clients could get on to the VPN.. do u think it is an issye with the
Lucent router.. 

-Original Message-
From: Aaron Brasslett [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 7:42 PM
To: Exchange Discussions
Subject: RE: VPN issue...

But PPTP can.  Who said anything about IPSec?

-Original Message-
From: John Matteson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 23, 2002 12:23 PM
To: Exchange Discussions
Subject: RE: VPN issue...

IPsec cannot be used through a router that NAT's the packets. The NAT'ing
hoses things on the packet.

John Matteson; Exchange Manager 
Geac Corporate Infrastructure Systems and Standards 
(404) 239 - 2981

Defeat is a state of mind. No one is ever defeated until defeat has been
accepted as a reality. To me, defeat in anything is merely temporary, and
its punishment is but an urge for me to greater effort to achieve my goal.
Defeat simply tells me that something is wrong in my doing; it is a path
leading to success and truth. --Bruce Lee

-Original Message-
From: Muqeem Syed [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 6:11 PM
To: Exchange Discussions
Subject: VPN issue...

Hi All,
Please check this out... we have a pix firewall in our office with a
frame-relay connection... at the branch office we are connected Via an ADSL
Lucent Cell pipe router... All the configurations on the router were done by
the service provider and he informed us to use the default gateway of
192.168.0.10 for our LAN there... now the problem is that we cannot
establish a PPTP connection between the firewall and the Win 2K clients thru
the ADSL and the LAN ... but when we use dial up coonections and use the
services of the same ISP... we can establish  the VPN connection...
At the firewall end I can see that the client gets connected for some time..
and then is disconnected... on the client side I see the dialg that the
machine is trying to connect to the remote host.. then says.. verifying
username and password and then after some time I get the error that says...
The L2TP connection attempt failed becasue the security layer encountered a
processing error during initial negotiations with the remote computer

Actually this LAN is being set up by a Novice.. but very Enthusiast .. Sys
Admin .. from our branch office.. and so far he had been telling me that the
remote client only attempts to connect to the firewall... he gets the
verifying username and password screen and then it tels him that the
username and the password is bad... .. till I had to force him to allow me
to use PCANywhere and dial into one of the clients... and check myself what
was happening from that end.. when I noticed this...
I feel that this has to do with ... the Win 2000 domain security... I feel
that he has set up the domain and all the machines there on the network to
be forced to use IPSec and since the IPSec policy is being applied to the
LAN cards... but not to the dial up modem interfaces.. I am getting the
error mentioned But if you guys can help me with this.,... please do.. 

I get the error 789 on the Win 2K server.. where in I set up the machine for
PPTP with secure connection as an option.. since the firewall has been set
up at the moment to allow PPTP connections I have myself treid it out on
a ADSL connection .. but from a different Service provider and it appears to
work fine...
CAN it be a NAT issue... but logically again.. I feel it is not.. since I
have configured for a WIndows RRAS server... on a LAN with an ADSL
connection and have succesfully established a VPN conneciton from all the
clients ... .. so I feel that the NATtting is not an issue here... unless
this ISP is blocking some ports.. 
Can some one please throw more light on this
Regards

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http

RE: VPN issue...

RE: VPN issue...

Re: VPN issue...

RE: VPN issue...

RE: VPN issue...

RE: VPN issue...

RE: VPN issue...

7 matches

Site Navigation

Mail list logo

Footer information