seismicom
asked on
I need help tweaking Microsoft VPN RAS service on W2k3
Experts: (you know who you are:-)
I recently migrated to W2K3 server. I set up Routing & Remote Access service using the default settings.
Without any real intervention is seems to work fairly well for the majority of my remote users. However, the New York office is having problems. There are two users out there and they can't seem to keep a solid connection to our RAS server via PPTP VPN. Two simultaneous connections seem to collide with each other causing intermittant client OS freezing, dropped outlook communications and/or inconsistent access to the File Shares here in SF. Now one or the other can solidly connect, but not two at the same time.
They connect to the Internet using Verizon DSL. That DSL Modem is setup as a bridge accepting a dynamic IP from Verizon. We put a Linksys router behind the bridge for NAT and DHCP for internal clients. Both client machines run Windows OSes. The problem is certainly looking like it has something to do with how the router or the DSL modem connection handles VPN requests and keep-alives -- it just can't seem to keep a solid line to SF...
So far, I've looked on the server and can see that both client computers can connect to the RRAS server, remarkably even at the same time. Each connection takes a unique VPN5-X port & IP Address from the scope. So I can rule out collision there. I cross-ref'd this with logs written in the Event Viewer and found no "booting" between either client machine.
So my thinking turns to the setup in New York:
1) Does dynamic DSL have something to do with it?
2) How about the router itself? (they use a Linksys BEFSR81 behind the Verizon Modem. it's config'd for PPPoE w/ DHCP turned on)
3) What sort of network utilities are good to run in such instances? I have a hunch that packets are dropping en masse, how do I prove it...remember, I mentioned that on the client side neither workstation can keep a solid connection before freezing one or the other out (but on the server it still looks like both clients are connecting just fine).
4) Should I consider asking Verizon to make some changes to the DSL Modem itself? If so, what do you recommend?
That's a hefty chunk to start with.
Any help is greatly appreciated...
-- seismicom --
I recently migrated to W2K3 server. I set up Routing & Remote Access service using the default settings.
Without any real intervention is seems to work fairly well for the majority of my remote users. However, the New York office is having problems. There are two users out there and they can't seem to keep a solid connection to our RAS server via PPTP VPN. Two simultaneous connections seem to collide with each other causing intermittant client OS freezing, dropped outlook communications and/or inconsistent access to the File Shares here in SF. Now one or the other can solidly connect, but not two at the same time.
They connect to the Internet using Verizon DSL. That DSL Modem is setup as a bridge accepting a dynamic IP from Verizon. We put a Linksys router behind the bridge for NAT and DHCP for internal clients. Both client machines run Windows OSes. The problem is certainly looking like it has something to do with how the router or the DSL modem connection handles VPN requests and keep-alives -- it just can't seem to keep a solid line to SF...
So far, I've looked on the server and can see that both client computers can connect to the RRAS server, remarkably even at the same time. Each connection takes a unique VPN5-X port & IP Address from the scope. So I can rule out collision there. I cross-ref'd this with logs written in the Event Viewer and found no "booting" between either client machine.
So my thinking turns to the setup in New York:
1) Does dynamic DSL have something to do with it?
2) How about the router itself? (they use a Linksys BEFSR81 behind the Verizon Modem. it's config'd for PPPoE w/ DHCP turned on)
3) What sort of network utilities are good to run in such instances? I have a hunch that packets are dropping en masse, how do I prove it...remember, I mentioned that on the client side neither workstation can keep a solid connection before freezing one or the other out (but on the server it still looks like both clients are connecting just fine).
4) Should I consider asking Verizon to make some changes to the DSL Modem itself? If so, what do you recommend?
That's a hefty chunk to start with.
Any help is greatly appreciated...
-- seismicom --
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Check https://www.experts-exchange.com/questions/21411862/Netmeeting-net-meeting-not-staying-connected-on-certain-networks.html seems two question are correlated.
ASKER
When I first ordered DSL service from Verizon, they told me that their basic dynamic package would support multiple VPN connections. So I called them out on that but none of engineers could deny nor confirm this statement. In typical fashion, what I got was, "VPN is outside our support SLA". They simply couldn't give me a definitive answer.
What's important to know is that anytime you set yourself up with dynamically assigned DSL service, you'll probably have problems tunnelling two VPN connections at the same time. Better you upgrade to a static IP address.
-- seismicom --
What's important to know is that anytime you set yourself up with dynamically assigned DSL service, you'll probably have problems tunnelling two VPN connections at the same time. Better you upgrade to a static IP address.
-- seismicom --
I've had exactly the same problem.
Upgrading the firmware of the router solved the problem.
Good Luck!
NetoMeter