| Author |
Message |
Gaylen Michael
Guest
|
 Posted:
Fri Sep 30, 2005 8:50 am Post subject:
VPN debugging fun, time to test your minds |
|
|
Ok - here's the problem in short, I've got a VPN server that's dropping
connections after a couple minutes from clients who are connecting from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and connected
directly to our LAN and WAN at the office. VPN connections within the LAN
work great and stay up all day. The VPN server seems to work fine for some
WAN based users but not for others. I've had it work great for me when I am
at one of the hotspots that I manage but then it drops within 3 mintues when
I go home and yes this is from the same laptop computer. So, this would
tell me it's something specific to my home LAN or ISP right? Well, I manage
another Windows 2003 VPN server for a different Company B and I can VPN into
that network all day and stay connected, again from the same computer and as
well from my home network. The RRAS settings for these two company's is
practically identical. So, that tells me that my home LAN is fine for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within that home
lan. Yes, I do not choose to use the default gateway on either of my VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen |
|
| Back to top |
|
 |
Wendel Hamilton
Guest
|
| Posted:
Mon Oct 03, 2005 12:50 pm Post subject:
RE: VPN debugging fun, time to test your minds |
|
|
Gaylen,
Can you turn on log errors and warnings in Routing and remote access
including PPP logging and post them here.
It may give us a clue as to why it’s happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
| Quote: | Ok - here's the problem in short, I've got a VPN server that's dropping
connections after a couple minutes from clients who are connecting from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and connected
directly to our LAN and WAN at the office. VPN connections within the LAN
work great and stay up all day. The VPN server seems to work fine for some
WAN based users but not for others. I've had it work great for me when I am
at one of the hotspots that I manage but then it drops within 3 mintues when
I go home and yes this is from the same laptop computer. So, this would
tell me it's something specific to my home LAN or ISP right? Well, I manage
another Windows 2003 VPN server for a different Company B and I can VPN into
that network all day and stay connected, again from the same computer and as
well from my home network. The RRAS settings for these two company's is
practically identical. So, that tells me that my home LAN is fine for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within that home
lan. Yes, I do not choose to use the default gateway on either of my VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
Gaylen Michael
Guest
|
| Posted:
Mon Oct 03, 2005 12:50 pm Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Hi Wendel,
I've got Log errors and Warnings ticked as well the option below "Log
additional Routing and Remote Access information (used for debugging)"
selected.
At the bottom of the window it states that these logs can be found in the
%windir%\tracing directory. When I go to that directory there is a mess of
log files. Anyway of knowing which one would be applicable to dropped VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
| Quote: | Gaylen,
Can you turn on log errors and warnings in Routing and remote access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server that's dropping
connections after a couple minutes from clients who are connecting from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and connected
directly to our LAN and WAN at the office. VPN connections within the
LAN
work great and stay up all day. The VPN server seems to work fine for
some
WAN based users but not for others. I've had it work great for me when I
am
at one of the hotspots that I manage but then it drops within 3 mintues
when
I go home and yes this is from the same laptop computer. So, this would
tell me it's something specific to my home LAN or ISP right? Well, I
manage
another Windows 2003 VPN server for a different Company B and I can VPN
into
that network all day and stay connected, again from the same computer and
as
well from my home network. The RRAS settings for these two company's is
practically identical. So, that tells me that my home LAN is fine for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within that home
lan. Yes, I do not choose to use the default gateway on either of my VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
Wendel Hamilton
Guest
|
| Posted:
Tue Oct 04, 2005 7:30 am Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Gaylen,
Remote access events are also logged in the event viewer in System. Lets
look at them first the log file of most interest would be probably ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon as you have
captured the event turn the logging off as it will degrade performance.
"Gaylen Michael" wrote:
| Quote: | Hi Wendel,
I've got Log errors and Warnings ticked as well the option below "Log
additional Routing and Remote Access information (used for debugging)"
selected.
At the bottom of the window it states that these logs can be found in the
%windir%\tracing directory. When I go to that directory there is a mess of
log files. Anyway of knowing which one would be applicable to dropped VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server that's dropping
connections after a couple minutes from clients who are connecting from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and connected
directly to our LAN and WAN at the office. VPN connections within the
LAN
work great and stay up all day. The VPN server seems to work fine for
some
WAN based users but not for others. I've had it work great for me when I
am
at one of the hotspots that I manage but then it drops within 3 mintues
when
I go home and yes this is from the same laptop computer. So, this would
tell me it's something specific to my home LAN or ISP right? Well, I
manage
another Windows 2003 VPN server for a different Company B and I can VPN
into
that network all day and stay connected, again from the same computer and
as
well from my home network. The RRAS settings for these two company's is
practically identical. So, that tells me that my home LAN is fine for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within that home
lan. Yes, I do not choose to use the default gateway on either of my VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
Wendel Hamilton
Guest
|
| Posted:
Sun Oct 09, 2005 8:50 am Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Gaylen,
This is the exact event log you would receive if you have the link time out
set in your dial up connection.
Check that the timeout is set to never.
"Gaylen Michael" wrote:
| Quote: | Hi Wendel,
Here's what I got out of the System Event Log. I've also attached the
PPP.log that I started right before I connected. Oddly, this is the first
time the event ID 20194 has appeared in my System Log? Even though this
problem has been occuring since RRAS was setup. No idea how or why the log
says I was disconnected by the user's request?
Event Type: Information
Event Source: RemoteAccess
Event Category: None
Event ID: 20194
Date: 10/8/2005
Time: 12:10:14 PM
User: N/A
Computer: PSSERVER
Description:
The user DOMAINNAME\Gaylen connected on port VPN6-3 on 10/8/2005 at 12:07 PM
and disconnected on 10/8/2005 at 12:10 PM. The user was active for 2
minutes 58 seconds. 56317 bytes were sent and 60686 bytes were received.
The reason for disconnecting was user request.
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:5280228B-72B5-4016-8603-D8205FB0CE6B@microsoft.com...
Gaylen,
Remote access events are also logged in the event viewer in System. Lets
look at them first the log file of most interest would be probably ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon as you have
captured the event turn the logging off as it will degrade performance.
"Gaylen Michael" wrote:
Hi Wendel,
I've got Log errors and Warnings ticked as well the option below "Log
additional Routing and Remote Access information (used for debugging)"
selected.
At the bottom of the window it states that these logs can be found in the
%windir%\tracing directory. When I go to that directory there is a mess
of
log files. Anyway of knowing which one would be applicable to dropped
VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server that's
dropping
connections after a couple minutes from clients who are connecting
from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and connected
directly to our LAN and WAN at the office. VPN connections within the
LAN
work great and stay up all day. The VPN server seems to work fine for
some
WAN based users but not for others. I've had it work great for me
when I
am
at one of the hotspots that I manage but then it drops within 3
mintues
when
I go home and yes this is from the same laptop computer. So, this
would
tell me it's something specific to my home LAN or ISP right? Well, I
manage
another Windows 2003 VPN server for a different Company B and I can
VPN
into
that network all day and stay connected, again from the same computer
and
as
well from my home network. The RRAS settings for these two company's
is
practically identical. So, that tells me that my home LAN is fine for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within that
home
lan. Yes, I do not choose to use the default gateway on either of my
VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
Gaylen Michael
Guest
|
| Posted:
Mon Oct 10, 2005 12:50 am Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Yep, it's set to never. Keep in mind I can stay connected from the same PC
but on a different network just fine. That of course is the most perplexing
part of this problem.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:1E651DCA-45F5-4B1C-B3A7-870421268A59@microsoft.com...
| Quote: | Gaylen,
This is the exact event log you would receive if you have the link time
out
set in your dial up connection.
Check that the timeout is set to never.
"Gaylen Michael" wrote:
Hi Wendel,
Here's what I got out of the System Event Log. I've also attached the
PPP.log that I started right before I connected. Oddly, this is the
first
time the event ID 20194 has appeared in my System Log? Even though this
problem has been occuring since RRAS was setup. No idea how or why the
log
says I was disconnected by the user's request?
Event Type: Information
Event Source: RemoteAccess
Event Category: None
Event ID: 20194
Date: 10/8/2005
Time: 12:10:14 PM
User: N/A
Computer: PSSERVER
Description:
The user DOMAINNAME\Gaylen connected on port VPN6-3 on 10/8/2005 at 12:07
PM
and disconnected on 10/8/2005 at 12:10 PM. The user was active for 2
minutes 58 seconds. 56317 bytes were sent and 60686 bytes were received.
The reason for disconnecting was user request.
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:5280228B-72B5-4016-8603-D8205FB0CE6B@microsoft.com...
Gaylen,
Remote access events are also logged in the event viewer in System.
Lets
look at them first the log file of most interest would be probably
ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon as you
have
captured the event turn the logging off as it will degrade performance.
"Gaylen Michael" wrote:
Hi Wendel,
I've got Log errors and Warnings ticked as well the option below "Log
additional Routing and Remote Access information (used for debugging)"
selected.
At the bottom of the window it states that these logs can be found in
the
%windir%\tracing directory. When I go to that directory there is a
mess
of
log files. Anyway of knowing which one would be applicable to dropped
VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server that's
dropping
connections after a couple minutes from clients who are connecting
from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and
connected
directly to our LAN and WAN at the office. VPN connections within
the
LAN
work great and stay up all day. The VPN server seems to work fine
for
some
WAN based users but not for others. I've had it work great for me
when I
am
at one of the hotspots that I manage but then it drops within 3
mintues
when
I go home and yes this is from the same laptop computer. So, this
would
tell me it's something specific to my home LAN or ISP right? Well,
I
manage
another Windows 2003 VPN server for a different Company B and I can
VPN
into
that network all day and stay connected, again from the same
computer
and
as
well from my home network. The RRAS settings for these two
company's
is
practically identical. So, that tells me that my home LAN is fine
for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within
that
home
lan. Yes, I do not choose to use the default gateway on either of
my
VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
Wendel Hamilton
Guest
|
| Posted:
Mon Oct 10, 2005 8:50 am Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Gaylen,
Check the following on the VPN server
Open Routing and remote access manager
Expand remote access policies
Right click on the policies there and select properties
Click the Edit profile button
Check that Disconnect if Idle for is NOT checked
Check that Restrict maximum session to is NOT checked.
You have to do this for each access policy.
"Gaylen Michael" wrote:
| Quote: | Yep, it's set to never. Keep in mind I can stay connected from the same PC
but on a different network just fine. That of course is the most perplexing
part of this problem.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:1E651DCA-45F5-4B1C-B3A7-870421268A59@microsoft.com...
Gaylen,
This is the exact event log you would receive if you have the link time
out
set in your dial up connection.
Check that the timeout is set to never.
"Gaylen Michael" wrote:
Hi Wendel,
Here's what I got out of the System Event Log. I've also attached the
PPP.log that I started right before I connected. Oddly, this is the
first
time the event ID 20194 has appeared in my System Log? Even though this
problem has been occuring since RRAS was setup. No idea how or why the
log
says I was disconnected by the user's request?
Event Type: Information
Event Source: RemoteAccess
Event Category: None
Event ID: 20194
Date: 10/8/2005
Time: 12:10:14 PM
User: N/A
Computer: PSSERVER
Description:
The user DOMAINNAME\Gaylen connected on port VPN6-3 on 10/8/2005 at 12:07
PM
and disconnected on 10/8/2005 at 12:10 PM. The user was active for 2
minutes 58 seconds. 56317 bytes were sent and 60686 bytes were received.
The reason for disconnecting was user request.
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:5280228B-72B5-4016-8603-D8205FB0CE6B@microsoft.com...
Gaylen,
Remote access events are also logged in the event viewer in System.
Lets
look at them first the log file of most interest would be probably
ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon as you
have
captured the event turn the logging off as it will degrade performance.
"Gaylen Michael" wrote:
Hi Wendel,
I've got Log errors and Warnings ticked as well the option below "Log
additional Routing and Remote Access information (used for debugging)"
selected.
At the bottom of the window it states that these logs can be found in
the
%windir%\tracing directory. When I go to that directory there is a
mess
of
log files. Anyway of knowing which one would be applicable to dropped
VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server that's
dropping
connections after a couple minutes from clients who are connecting
from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and
connected
directly to our LAN and WAN at the office. VPN connections within
the
LAN
work great and stay up all day. The VPN server seems to work fine
for
some
WAN based users but not for others. I've had it work great for me
when I
am
at one of the hotspots that I manage but then it drops within 3
mintues
when
I go home and yes this is from the same laptop computer. So, this
would
tell me it's something specific to my home LAN or ISP right? Well,
I
manage
another Windows 2003 VPN server for a different Company B and I can
VPN
into
that network all day and stay connected, again from the same
computer
and
as
well from my home network. The RRAS settings for these two
company's
is
practically identical. So, that tells me that my home LAN is fine
for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within
that
home
lan. Yes, I do not choose to use the default gateway on either of
my
VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
Gaylen Michael
Guest
|
| Posted:
Mon Oct 10, 2005 8:50 pm Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
I only have the 2 default policies listed here and neither of those policies
have any Dial-in Constraints checked.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:7090064E-C4DA-4D80-9866-179E76CD05E0@microsoft.com...
| Quote: | Gaylen,
Check the following on the VPN server
Open Routing and remote access manager
Expand remote access policies
Right click on the policies there and select properties
Click the Edit profile button
Check that Disconnect if Idle for is NOT checked
Check that Restrict maximum session to is NOT checked.
You have to do this for each access policy.
"Gaylen Michael" wrote:
Yep, it's set to never. Keep in mind I can stay connected from the same
PC
but on a different network just fine. That of course is the most
perplexing
part of this problem.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:1E651DCA-45F5-4B1C-B3A7-870421268A59@microsoft.com...
Gaylen,
This is the exact event log you would receive if you have the link time
out
set in your dial up connection.
Check that the timeout is set to never.
"Gaylen Michael" wrote:
Hi Wendel,
Here's what I got out of the System Event Log. I've also attached the
PPP.log that I started right before I connected. Oddly, this is the
first
time the event ID 20194 has appeared in my System Log? Even though
this
problem has been occuring since RRAS was setup. No idea how or why
the
log
says I was disconnected by the user's request?
Event Type: Information
Event Source: RemoteAccess
Event Category: None
Event ID: 20194
Date: 10/8/2005
Time: 12:10:14 PM
User: N/A
Computer: PSSERVER
Description:
The user DOMAINNAME\Gaylen connected on port VPN6-3 on 10/8/2005 at
12:07
PM
and disconnected on 10/8/2005 at 12:10 PM. The user was active for 2
minutes 58 seconds. 56317 bytes were sent and 60686 bytes were
received.
The reason for disconnecting was user request.
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:5280228B-72B5-4016-8603-D8205FB0CE6B@microsoft.com...
Gaylen,
Remote access events are also logged in the event viewer in System.
Lets
look at them first the log file of most interest would be probably
ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon as
you
have
captured the event turn the logging off as it will degrade
performance.
"Gaylen Michael" wrote:
Hi Wendel,
I've got Log errors and Warnings ticked as well the option below
"Log
additional Routing and Remote Access information (used for
debugging)"
selected.
At the bottom of the window it states that these logs can be found
in
the
%windir%\tracing directory. When I go to that directory there is a
mess
of
log files. Anyway of knowing which one would be applicable to
dropped
VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote
in
message news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote
access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server that's
dropping
connections after a couple minutes from clients who are
connecting
from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and
connected
directly to our LAN and WAN at the office. VPN connections
within
the
LAN
work great and stay up all day. The VPN server seems to work
fine
for
some
WAN based users but not for others. I've had it work great for
me
when I
am
at one of the hotspots that I manage but then it drops within 3
mintues
when
I go home and yes this is from the same laptop computer. So,
this
would
tell me it's something specific to my home LAN or ISP right?
Well,
I
manage
another Windows 2003 VPN server for a different Company B and I
can
VPN
into
that network all day and stay connected, again from the same
computer
and
as
well from my home network. The RRAS settings for these two
company's
is
practically identical. So, that tells me that my home LAN is
fine
for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within
that
home
lan. Yes, I do not choose to use the default gateway on either
of
my
VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
Gaylen Michael
Guest
|
| Posted:
Tue Oct 11, 2005 6:16 am Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Well, I've got some good info to post I think. I finally did a direct
connect to my DSL modem and bypassed the LinkSys WRT55AG router that I use
at home, and guess what...the VPN kept alive for up to 20+ minutes. So,
I've got a problem w/ this particular router and my company's VPN server I
guess. I'm still puzzled that I can connect to another SBS 2003 server over
VPN from behind this same router but at least I'm making progress.
I've restored factory defaults on the router and flashed the firmware but
that's not fixed the problem yet. I guess I should move this post to the
Linksys forums now eh.
I really despise LinkSys!!!
Gaylen
"Gaylen Michael" <gaylenmichael(spamarama)@hotmail.com> wrote in message
news:eAnD9idzFHA.4032@TK2MSFTNGP15.phx.gbl...
| Quote: | I only have the 2 default policies listed here and neither of those
policies have any Dial-in Constraints checked.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:7090064E-C4DA-4D80-9866-179E76CD05E0@microsoft.com...
Gaylen,
Check the following on the VPN server
Open Routing and remote access manager
Expand remote access policies
Right click on the policies there and select properties
Click the Edit profile button
Check that Disconnect if Idle for is NOT checked
Check that Restrict maximum session to is NOT checked.
You have to do this for each access policy.
"Gaylen Michael" wrote:
Yep, it's set to never. Keep in mind I can stay connected from the same
PC
but on a different network just fine. That of course is the most
perplexing
part of this problem.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:1E651DCA-45F5-4B1C-B3A7-870421268A59@microsoft.com...
Gaylen,
This is the exact event log you would receive if you have the link
time
out
set in your dial up connection.
Check that the timeout is set to never.
"Gaylen Michael" wrote:
Hi Wendel,
Here's what I got out of the System Event Log. I've also attached
the
PPP.log that I started right before I connected. Oddly, this is the
first
time the event ID 20194 has appeared in my System Log? Even though
this
problem has been occuring since RRAS was setup. No idea how or why
the
log
says I was disconnected by the user's request?
Event Type: Information
Event Source: RemoteAccess
Event Category: None
Event ID: 20194
Date: 10/8/2005
Time: 12:10:14 PM
User: N/A
Computer: PSSERVER
Description:
The user DOMAINNAME\Gaylen connected on port VPN6-3 on 10/8/2005 at
12:07
PM
and disconnected on 10/8/2005 at 12:10 PM. The user was active for 2
minutes 58 seconds. 56317 bytes were sent and 60686 bytes were
received.
The reason for disconnecting was user request.
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:5280228B-72B5-4016-8603-D8205FB0CE6B@microsoft.com...
Gaylen,
Remote access events are also logged in the event viewer in System.
Lets
look at them first the log file of most interest would be probably
ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon as
you
have
captured the event turn the logging off as it will degrade
performance.
"Gaylen Michael" wrote:
Hi Wendel,
I've got Log errors and Warnings ticked as well the option below
"Log
additional Routing and Remote Access information (used for
debugging)"
selected.
At the bottom of the window it states that these logs can be found
in
the
%windir%\tracing directory. When I go to that directory there is
a
mess
of
log files. Anyway of knowing which one would be applicable to
dropped
VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote
in
message news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote
access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server that's
dropping
connections after a couple minutes from clients who are
connecting
from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and
connected
directly to our LAN and WAN at the office. VPN connections
within
the
LAN
work great and stay up all day. The VPN server seems to work
fine
for
some
WAN based users but not for others. I've had it work great for
me
when I
am
at one of the hotspots that I manage but then it drops within 3
mintues
when
I go home and yes this is from the same laptop computer. So,
this
would
tell me it's something specific to my home LAN or ISP right?
Well,
I
manage
another Windows 2003 VPN server for a different Company B and I
can
VPN
into
that network all day and stay connected, again from the same
computer
and
as
well from my home network. The RRAS settings for these two
company's
is
practically identical. So, that tells me that my home LAN is
fine
for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within
that
home
lan. Yes, I do not choose to use the default gateway on either
of
my
VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
StoreThomas
Guest
|
| Posted:
Thu Oct 20, 2005 12:50 pm Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Hi Gaylen!
Thanx for posting your last info about the linksys. We've got a customer who
is experiencing the exact same problem (don't know if Linksys is involved),
so it was good to know that my "hardware suspicions" can be valid :)
Did you draw any further conclussions after your last post?
Best Regards
Thomas
"Gaylen Michael" wrote:
| Quote: | Well, I've got some good info to post I think. I finally did a direct
connect to my DSL modem and bypassed the LinkSys WRT55AG router that I use
at home, and guess what...the VPN kept alive for up to 20+ minutes. So,
I've got a problem w/ this particular router and my company's VPN server I
guess. I'm still puzzled that I can connect to another SBS 2003 server over
VPN from behind this same router but at least I'm making progress.
I've restored factory defaults on the router and flashed the firmware but
that's not fixed the problem yet. I guess I should move this post to the
Linksys forums now eh.
I really despise LinkSys!!!
Gaylen
"Gaylen Michael" <gaylenmichael(spamarama)@hotmail.com> wrote in message
news:eAnD9idzFHA.4032@TK2MSFTNGP15.phx.gbl...
I only have the 2 default policies listed here and neither of those
policies have any Dial-in Constraints checked.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:7090064E-C4DA-4D80-9866-179E76CD05E0@microsoft.com...
Gaylen,
Check the following on the VPN server
Open Routing and remote access manager
Expand remote access policies
Right click on the policies there and select properties
Click the Edit profile button
Check that Disconnect if Idle for is NOT checked
Check that Restrict maximum session to is NOT checked.
You have to do this for each access policy.
"Gaylen Michael" wrote:
Yep, it's set to never. Keep in mind I can stay connected from the same
PC
but on a different network just fine. That of course is the most
perplexing
part of this problem.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:1E651DCA-45F5-4B1C-B3A7-870421268A59@microsoft.com...
Gaylen,
This is the exact event log you would receive if you have the link
time
out
set in your dial up connection.
Check that the timeout is set to never.
"Gaylen Michael" wrote:
Hi Wendel,
Here's what I got out of the System Event Log. I've also attached
the
PPP.log that I started right before I connected. Oddly, this is the
first
time the event ID 20194 has appeared in my System Log? Even though
this
problem has been occuring since RRAS was setup. No idea how or why
the
log
says I was disconnected by the user's request?
Event Type: Information
Event Source: RemoteAccess
Event Category: None
Event ID: 20194
Date: 10/8/2005
Time: 12:10:14 PM
User: N/A
Computer: PSSERVER
Description:
The user DOMAINNAME\Gaylen connected on port VPN6-3 on 10/8/2005 at
12:07
PM
and disconnected on 10/8/2005 at 12:10 PM. The user was active for 2
minutes 58 seconds. 56317 bytes were sent and 60686 bytes were
received.
The reason for disconnecting was user request.
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:5280228B-72B5-4016-8603-D8205FB0CE6B@microsoft.com...
Gaylen,
Remote access events are also logged in the event viewer in System.
Lets
look at them first the log file of most interest would be probably
ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon as
you
have
captured the event turn the logging off as it will degrade
performance.
"Gaylen Michael" wrote:
Hi Wendel,
I've got Log errors and Warnings ticked as well the option below
"Log
additional Routing and Remote Access information (used for
debugging)"
selected.
At the bottom of the window it states that these logs can be found
in
the
%windir%\tracing directory. When I go to that directory there is
a
mess
of
log files. Anyway of knowing which one would be applicable to
dropped
VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote
in
message news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote
access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server that's
dropping
connections after a couple minutes from clients who are
connecting
from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and
connected
directly to our LAN and WAN at the office. VPN connections
within
the
LAN
work great and stay up all day. The VPN server seems to work
fine
for
some
WAN based users but not for others. I've had it work great for
me
when I
am
at one of the hotspots that I manage but then it drops within 3
mintues
when
I go home and yes this is from the same laptop computer. So,
this
would
tell me it's something specific to my home LAN or ISP right?
Well,
I
manage
another Windows 2003 VPN server for a different Company B and I
can
VPN
into
that network all day and stay connected, again from the same
computer
and
as
well from my home network. The RRAS settings for these two
company's
is
practically identical. So, that tells me that my home LAN is
fine
for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/Wireless
Physical Address. . . . . . . . . : 00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from within
that
home
lan. Yes, I do not choose to use the default gateway on either
of
my
VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
Gaylen Michael
Guest
|
| Posted:
Fri Oct 28, 2005 8:50 pm Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Hi Thomas,
Yes, I'm still chasing this rabit and the focus has now moved to the MTU
settings on the router. The default MTU settings on my router, which is a
WRT55AG v2, are set to 1500 which is the auto setting. Linksys support had
me change it to 1350 and for a few hours it actually worked!!! The VPN
connection was staying up for longer than an hour, but I quickly realized
that the MTU change we had made caused my MSN 7.5 Instant Messaging client
to break. I could no longer get to hotmail based content either???? Really
weird stuff...so I stayed up all night last night changing the MTU settings
to find just the right spot anywhere between 1500 and 1350 but I could never
get the VPN to work again once I started making those changes.
I'm getting really tired of this issue though - it must be one of the
toughest I've had to tackle to date around networking related issues. It
really bothers me how linksys implements their products and releases but I
am sure to cause them headache in return by getting at least 5 RMA's out of
them for each product I buy just so that I can cost them time & money too.
To this date I have 20 RMA shipments to that RMA address in Irvine, CA for
products that are supposed to work but they do not.
Maybe this is a problem w/ the RRAS but highly unlikely since I and others
in my company can VPN in to the office from different locations without any
problems.
Gaylen
"StoreThomas" <StoreThomas@discussions.microsoft.com> wrote in message
news:48184CB8-CBE6-4400-AE88-82727228F01C@microsoft.com...
| Quote: | Hi Gaylen!
Thanx for posting your last info about the linksys. We've got a customer
who
is experiencing the exact same problem (don't know if Linksys is
involved),
so it was good to know that my "hardware suspicions" can be valid :)
Did you draw any further conclussions after your last post?
Best Regards
Thomas
"Gaylen Michael" wrote:
Well, I've got some good info to post I think. I finally did a direct
connect to my DSL modem and bypassed the LinkSys WRT55AG router that I
use
at home, and guess what...the VPN kept alive for up to 20+ minutes. So,
I've got a problem w/ this particular router and my company's VPN server
I
guess. I'm still puzzled that I can connect to another SBS 2003 server
over
VPN from behind this same router but at least I'm making progress.
I've restored factory defaults on the router and flashed the firmware but
that's not fixed the problem yet. I guess I should move this post to the
Linksys forums now eh.
I really despise LinkSys!!!
Gaylen
"Gaylen Michael" <gaylenmichael(spamarama)@hotmail.com> wrote in message
news:eAnD9idzFHA.4032@TK2MSFTNGP15.phx.gbl...
I only have the 2 default policies listed here and neither of those
policies have any Dial-in Constraints checked.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:7090064E-C4DA-4D80-9866-179E76CD05E0@microsoft.com...
Gaylen,
Check the following on the VPN server
Open Routing and remote access manager
Expand remote access policies
Right click on the policies there and select properties
Click the Edit profile button
Check that Disconnect if Idle for is NOT checked
Check that Restrict maximum session to is NOT checked.
You have to do this for each access policy.
"Gaylen Michael" wrote:
Yep, it's set to never. Keep in mind I can stay connected from the
same
PC
but on a different network just fine. That of course is the most
perplexing
part of this problem.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:1E651DCA-45F5-4B1C-B3A7-870421268A59@microsoft.com...
Gaylen,
This is the exact event log you would receive if you have the link
time
out
set in your dial up connection.
Check that the timeout is set to never.
"Gaylen Michael" wrote:
Hi Wendel,
Here's what I got out of the System Event Log. I've also attached
the
PPP.log that I started right before I connected. Oddly, this is
the
first
time the event ID 20194 has appeared in my System Log? Even
though
this
problem has been occuring since RRAS was setup. No idea how or
why
the
log
says I was disconnected by the user's request?
Event Type: Information
Event Source: RemoteAccess
Event Category: None
Event ID: 20194
Date: 10/8/2005
Time: 12:10:14 PM
User: N/A
Computer: PSSERVER
Description:
The user DOMAINNAME\Gaylen connected on port VPN6-3 on 10/8/2005
at
12:07
PM
and disconnected on 10/8/2005 at 12:10 PM. The user was active
for 2
minutes 58 seconds. 56317 bytes were sent and 60686 bytes were
received.
The reason for disconnecting was user request.
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote
in
message news:5280228B-72B5-4016-8603-D8205FB0CE6B@microsoft.com...
Gaylen,
Remote access events are also logged in the event viewer in
System.
Lets
look at them first the log file of most interest would be
probably
ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon
as
you
have
captured the event turn the logging off as it will degrade
performance.
"Gaylen Michael" wrote:
Hi Wendel,
I've got Log errors and Warnings ticked as well the option
below
"Log
additional Routing and Remote Access information (used for
debugging)"
selected.
At the bottom of the window it states that these logs can be
found
in
the
%windir%\tracing directory. When I go to that directory there
is
a
mess
of
log files. Anyway of knowing which one would be applicable to
dropped
VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com
wrote
in
message
news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote
access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server
that's
dropping
connections after a couple minutes from clients who are
connecting
from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and
connected
directly to our LAN and WAN at the office. VPN connections
within
the
LAN
work great and stay up all day. The VPN server seems to
work
fine
for
some
WAN based users but not for others. I've had it work great
for
me
when I
am
at one of the hotspots that I manage but then it drops
within 3
mintues
when
I go home and yes this is from the same laptop computer.
So,
this
would
tell me it's something specific to my home LAN or ISP right?
Well,
I
manage
another Windows 2003 VPN server for a different Company B
and I
can
VPN
into
that network all day and stay connected, again from the same
computer
and
as
well from my home network. The RRAS settings for these two
company's
is
practically identical. So, that tells me that my home LAN
is
fine
for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's
VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/Wireless
Physical Address. . . . . . . . . :
00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from
within
that
home
lan. Yes, I do not choose to use the default gateway on
either
of
my
VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . :
00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.10.10.100
10.10.10.100
Primary WINS Server . . . . . . . : 10.10.10.100
Thx,
Gaylen
|
|
|
| Back to top |
|
|
StoreThomas
Guest
|
| Posted:
Sat Oct 29, 2005 8:50 am Post subject:
Re: VPN debugging fun, time to test your minds |
|
|
Hi Gaylen!
Thanx for the info.....and shame on Linksys ;)
I realized quickly that the firewall in my case was so inexpensive that it
would be cheaper for the customer if I changed it immidiately. It was a
SafeGuard SG300 from Snapgear and I changed it to a ZyXEL ZyWALL 5.
Everything runs smoothly now :)
Best Regards
Thomas
Denmark
"Gaylen Michael" wrote:
| Quote: | Hi Thomas,
Yes, I'm still chasing this rabit and the focus has now moved to the MTU
settings on the router. The default MTU settings on my router, which is a
WRT55AG v2, are set to 1500 which is the auto setting. Linksys support had
me change it to 1350 and for a few hours it actually worked!!! The VPN
connection was staying up for longer than an hour, but I quickly realized
that the MTU change we had made caused my MSN 7.5 Instant Messaging client
to break. I could no longer get to hotmail based content either???? Really
weird stuff...so I stayed up all night last night changing the MTU settings
to find just the right spot anywhere between 1500 and 1350 but I could never
get the VPN to work again once I started making those changes.
I'm getting really tired of this issue though - it must be one of the
toughest I've had to tackle to date around networking related issues. It
really bothers me how linksys implements their products and releases but I
am sure to cause them headache in return by getting at least 5 RMA's out of
them for each product I buy just so that I can cost them time & money too.
To this date I have 20 RMA shipments to that RMA address in Irvine, CA for
products that are supposed to work but they do not.
Maybe this is a problem w/ the RRAS but highly unlikely since I and others
in my company can VPN in to the office from different locations without any
problems.
Gaylen
"StoreThomas" <StoreThomas@discussions.microsoft.com> wrote in message
news:48184CB8-CBE6-4400-AE88-82727228F01C@microsoft.com...
Hi Gaylen!
Thanx for posting your last info about the linksys. We've got a customer
who
is experiencing the exact same problem (don't know if Linksys is
involved),
so it was good to know that my "hardware suspicions" can be valid :)
Did you draw any further conclussions after your last post?
Best Regards
Thomas
"Gaylen Michael" wrote:
Well, I've got some good info to post I think. I finally did a direct
connect to my DSL modem and bypassed the LinkSys WRT55AG router that I
use
at home, and guess what...the VPN kept alive for up to 20+ minutes. So,
I've got a problem w/ this particular router and my company's VPN server
I
guess. I'm still puzzled that I can connect to another SBS 2003 server
over
VPN from behind this same router but at least I'm making progress.
I've restored factory defaults on the router and flashed the firmware but
that's not fixed the problem yet. I guess I should move this post to the
Linksys forums now eh.
I really despise LinkSys!!!
Gaylen
"Gaylen Michael" <gaylenmichael(spamarama)@hotmail.com> wrote in message
news:eAnD9idzFHA.4032@TK2MSFTNGP15.phx.gbl...
I only have the 2 default policies listed here and neither of those
policies have any Dial-in Constraints checked.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:7090064E-C4DA-4D80-9866-179E76CD05E0@microsoft.com...
Gaylen,
Check the following on the VPN server
Open Routing and remote access manager
Expand remote access policies
Right click on the policies there and select properties
Click the Edit profile button
Check that Disconnect if Idle for is NOT checked
Check that Restrict maximum session to is NOT checked.
You have to do this for each access policy.
"Gaylen Michael" wrote:
Yep, it's set to never. Keep in mind I can stay connected from the
same
PC
but on a different network just fine. That of course is the most
perplexing
part of this problem.
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote in
message news:1E651DCA-45F5-4B1C-B3A7-870421268A59@microsoft.com...
Gaylen,
This is the exact event log you would receive if you have the link
time
out
set in your dial up connection.
Check that the timeout is set to never.
"Gaylen Michael" wrote:
Hi Wendel,
Here's what I got out of the System Event Log. I've also attached
the
PPP.log that I started right before I connected. Oddly, this is
the
first
time the event ID 20194 has appeared in my System Log? Even
though
this
problem has been occuring since RRAS was setup. No idea how or
why
the
log
says I was disconnected by the user's request?
Event Type: Information
Event Source: RemoteAccess
Event Category: None
Event ID: 20194
Date: 10/8/2005
Time: 12:10:14 PM
User: N/A
Computer: PSSERVER
Description:
The user DOMAINNAME\Gaylen connected on port VPN6-3 on 10/8/2005
at
12:07
PM
and disconnected on 10/8/2005 at 12:10 PM. The user was active
for 2
minutes 58 seconds. 56317 bytes were sent and 60686 bytes were
received.
The reason for disconnecting was user request.
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com> wrote
in
message news:5280228B-72B5-4016-8603-D8205FB0CE6B@microsoft.com...
Gaylen,
Remote access events are also logged in the event viewer in
System.
Lets
look at them first the log file of most interest would be
probably
ppp.log
which is a log of the packets for the PPP connection.
There are millions of entrees 1 per packet in fact. So as soon
as
you
have
captured the event turn the logging off as it will degrade
performance.
"Gaylen Michael" wrote:
Hi Wendel,
I've got Log errors and Warnings ticked as well the option
below
"Log
additional Routing and Remote Access information (used for
debugging)"
selected.
At the bottom of the window it states that these logs can be
found
in
the
%windir%\tracing directory. When I go to that directory there
is
a
mess
of
log files. Anyway of knowing which one would be applicable to
dropped
VPNs?
Thx,
Gaylen
"Wendel Hamilton" <WendelHamilton@discussions.microsoft.com
wrote
in
message
news:779B6B53-4B78-43E7-9EF7-70EBA635BEF8@microsoft.com...
Gaylen,
Can you turn on log errors and warnings in Routing and remote
access
including PPP logging and post them here.
It may give us a clue as to why it's happening.
Sound weird though.
Regards Wendel..
"Gaylen Michael" wrote:
Ok - here's the problem in short, I've got a VPN server
that's
dropping
connections after a couple minutes from clients who are
connecting
from
certain locations.
Here's the scenario that is driving me NUTS!
Company A has a Windows 2003 server that is multi-homed and
connected
directly to our LAN and WAN at the office. VPN connections
within
the
LAN
work great and stay up all day. The VPN server seems to
work
fine
for
some
WAN based users but not for others. I've had it work great
for
me
when I
am
at one of the hotspots that I manage but then it drops
within 3
mintues
when
I go home and yes this is from the same laptop computer.
So,
this
would
tell me it's something specific to my home LAN or ISP right?
Well,
I
manage
another Windows 2003 VPN server for a different Company B
and I
can
VPN
into
that network all day and stay connected, again from the same
computer
and
as
well from my home network. The RRAS settings for these two
company's
is
practically identical. So, that tells me that my home LAN
is
fine
for
outbound Windows VPN connections then right?
Somehow it's the combination of my home LAN and company A's
VPN
configuration.
Below is my home lan ipconfig
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R)
PRO/Wireless
Physical Address. . . . . . . . . :
00-0E-35-8E-64-DB
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
This is the Company A's vpn ipconfig once I connect from
within
that
home
lan. Yes, I do not choose to use the default gateway on
either
of
my
VPN
connections to either company A or B.
PPP adapter :
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Interface
Physical Address. . . . . . . . . :
00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No |
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in