I need help tweaking Microsoft VPN RAS service on W2k3

Experts: (you know who you are:-)

I recently migrated to W2K3 server. I set up Routing & Remote Access service using the default settings.
Without any real intervention is seems to work fairly well for the majority of my remote users. However, the New York office is having problems. There are two users out there and they can't seem to keep a solid connection to our RAS server via PPTP VPN. Two simultaneous connections seem to collide with each other causing intermittant client OS freezing, dropped outlook communications and/or inconsistent access to the File Shares here in SF. Now one or the other can solidly connect, but not two at the same time.

They connect to the Internet using Verizon DSL. That DSL Modem is setup as a bridge accepting a dynamic IP from Verizon. We put a Linksys router behind the bridge for NAT and DHCP for internal clients. Both client machines run Windows OSes. The problem is certainly looking like it has something to do with how the router or the DSL modem connection handles VPN requests and keep-alives -- it just can't seem to keep a solid line to SF...

So far, I've looked on the server and can see that both client computers can connect to the RRAS server, remarkably even at the same time. Each connection takes a unique VPN5-X port & IP Address from the scope. So I can rule out collision there. I cross-ref'd this with logs written in the Event Viewer and found no "booting" between either client machine.

So my thinking turns to the setup in New York:
1)  Does dynamic DSL have something to do with it?
2)  How about the router itself? (they use a Linksys BEFSR81 behind the Verizon Modem. it's config'd for PPPoE w/ DHCP turned on)
3)  What sort of network utilities are good to run in such instances? I have a hunch that packets are dropping en masse, how do I prove it...remember, I mentioned that on the client side neither workstation can keep a solid connection before freezing one or the other out (but on the server it still looks like both clients are connecting just fine).
4)  Should I consider asking Verizon to make some changes to the DSL Modem itself? If so, what do you recommend?

That's a hefty chunk to start with.

Any help is greatly appreciated...
-- seismicom --

Who is Participating?
ZoidlingConnect With a Mentor Commented:
Dynamic IP is probably the problem.  Test or ask Verizon (good luck with that) what their DHCP lease times are.  My bet is that it's a pretty short time and each time the Verizon DSL modem pulls another IP, your PPTP link fails.  

If this is the case, see if you can upgrade to a business DSL account with static IP for that office.
NetoMeter ScreencastsCommented:
I've had exactly the same problem.
Upgrading the firmware of the router solved the problem.

Good Luck!

Check http://www.experts-exchange.com/Networking/Q_21411862.html seems two question are correlated.
seismicomAuthor Commented:
When I first ordered DSL service from Verizon, they told me that their basic dynamic package would support multiple VPN connections. So I called them out on that but none of engineers could deny nor confirm this statement. In typical fashion, what I got was, "VPN is outside our support SLA". They simply couldn't give me a definitive answer.

What's important to know is that anytime you set yourself up with dynamically assigned DSL service, you'll probably have problems tunnelling two VPN connections at the same time. Better you upgrade to a static IP address.

-- seismicom --
All Courses

From novice to tech pro — start learning today.