How to enable VPN on my 2nd computer ?

Posted on 2006-03-25
Last Modified: 2010-08-05

I'm using Microsoft's PPTP VPN to connect my network (which includes a Dlink DI-604 router) with remote computers.

All use Windows XP SP2.

Now - There are no problems when the remote computer establish a vpn connection to my network... (after enabling VPN Pass Through for PPTP and opening port 1723).

But when a second remote computer tries to establish a VPN connection with the same host - I get an error - saying that a VPN connection has already been established and that a second one can't be established...

OK, so I thought that I could open a second VPN server on the other computer on my network - but now - I have to open port 1723 for incoming connection (for the 2nd computer on my network) ... so I
have set additional port forwarding on my Virtual Server list on my router - and set it to :

Private port : 1723
Public port: 1800.

But when I try to connect with the VPN client to that computer in the following format for host name: "Hostname:1800"  - I get an error# 800.

No other firewalls are present.

So I can't connect the 2nd remote computer to my VPN server.

Is there a way to by pass the problem ?

Additional questions:

I have also noticed internet inactivity and dramatic reduction in internet speed on the client side of the VPN connection - is this normal ? and is there a way to solve the problem by  e.g reducing the MTU or using a different protocol (like IPSec).

I would also like to know whether other VPN's such as:

Symantec Enterprise VPN

- do a better job than Microsoft's built-in VPN...

Thanks, Meir.
Question by:Meir02
    LVL 77

    Accepted Solution

    I think you will find you are limited to the one VPN connection with your present configuration. As you asked yes many other routers, including some of D-Link's will provide you with more options if they are true VPN router’s, rather than a router that allows VPN pass through. Many basic routers do not allow VPN traffic, most that have VPN pass-through only allow for 1 tunnel, and XP, though it works fine as a VPN sever, does loose some performance due to the encryption and un-encryption of the VPN tunnel.
    A dedicated VPN router off loads that job from the VPN server, does a more efficient job of it, and can also support multiple incoming tunnels. By using the router you can also connect to all devices on the LAN not just the one. Though most VPN routers have an associated software client the better way to go is with an end to end hardware solution, a VPN router at either end of the tunnel, that maintains the connection between all devices at all times.
    There are dozens of VPN routers out there. Linksys make a nice affordable unit the RV042, though some folks have problems with it's QuickVPN software client. Other makes are NetGear, SonicWall, WatchGuard, CheckPoint, NetScreen, Cisco and many others. Cisco of course being the best and having the best technical support.

    Author Comment


    Since I already have A cisco router at work - I will purchase another one for home... (this time wireless...)

    The CISCO851W costs about $380 and installation is $150 !!!

    I think that $150 for the installation is an you think so too ?

    Could it be possible that with the manual that comes with the router - I could configure the router myself ?

    In general securing & setting a VPN between two routers should be a simple job....

    Could you explain the procedure for setting VPN between two routers or provide a link to a web site that explains the procedure... ?

    Plus - will the VPN connection will degrade the internet performance on either side of the tunnel ? - are there any special adjustments needed for keeping the internet performance high ?

    And are there any security measures that I need to take at home (since the router at home is going to be wireless ... the problem is not necessarily breaking the VPN code... but an unauthorized access to the Office VPN).

    And anyways, your solution is good for non-mobile solutions... but since I'm gonna travel with my notebook - I will be forced to use a software client to connect to the Office VPN... will Cisco provide me with a suitable client or will I just use the XP's VPN client ?

    Thanks again.
    LVL 77

    Expert Comment

    by:Rob Williams
    >>"The CISCO851W costs about $380 and installation is $150 !!!"
    Cisco's are a science of there own, and if you have no experience with them it may be a fairly daunting task. It is a very expensive and time consuming task to become a Cisco technician. $150 is actually a pretty good deal in my opinion. The advantage of you doing it is maintenance down the road. I haven't set up the Cisco units but they do have a graphical interface that may allow you to do so. I am afraid I am not much help with that part. You can purchase with your Cisco a SmartNet support contract which I highly recommend and they will help walk you through your configuration.

    A Cisco VPN router will allow you to use the Cisco VPN client which is more secure than the Windows one. You can also use the Cisco router at the office to better secure it's network from the VPN clients, including not allowing split-tunneling (by default) which isolates the remote/client user from there own network while connected by VPN.

    Be careful in selecting the Cisco units you wish to use. They have numerous license limits such as the number of local Internet users and the number of simultaneous VPN connections they will support. I am not familiar with the 850 series but in a quick read I saw a 5 VPN tunnel limit.

    Author Comment

    Thanks for your replies.

    I have contacted my ISP technical support team, and they said - they will help me configure the router(since I buy it from them) ... I always like to do things myself so that when something goes wrong - I know what to do...

    They said they will configure the router (with me) to work in sync with the router at the office, and only with it... no other router/client will be able to communicate with that Office Cisco router(for security reasons), and they might also need to upgrade the office router's OS to work with VPN.

    VPN is a wonderful thing, I didn't get deep into it yet...there's still a long way for me to understand the encryption and certificates stuff... (I'm studying this subject).

    The only downside with VPN that I have noticed is the slim upload that I get from my ISP... and which causes terrible delays in traffic. Since my connection to the internet is through ADSL on both sides of the tunnel - the Download speeds are quite good but the uploads are in no proportion very small. And I think that unlike surfing the internet - VPN requires a higher rate of upload (at least on the server's side though it would have been great if it was distributed 50/50 for either side of the tunnel).

    Of course, I can ask my ISP to increase my upload speeds, but it will never be even half the download seems that with the current technology it is not possible to do so ? what's in your opinion should be the proper upload speed for normal communication on both sides of the tunnel ?

    Thanks again for your help, now I understand much more about VPN...

    I will just wait for your final reply before closing this thread.

    Thanks, Meir.
    LVL 77

    Expert Comment

    by:Rob Williams
    >>"they will help me configure the router(since I buy it from them) ... I always like to do things myself so that when something goes wrong - I know what to do..."
    Agreed, good idea.

    As for speeds, it depends on what you want to do. Download speeds are always <1/2 upload, but VPN's can work extremely well, and the VPN is not causing the slow speed, that is more the connection. Though VPN's have a little more overhead with encrypting and unencrypting, it is very minimal. File sharing works well over most VPN's but it is definitely slower. Where they really shine is using remote desktop to access your work computer to work remotely. The one thing that generally does not work well over a VPN is a standard database application such as Access and many accounting programs.
    LVL 77

    Expert Comment

    by:Rob Williams
    Thanks Meir,

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    I've had to do a bit of research to setup my VPN connection so that Clients can access Windows Server 2008 network shares.  I have a Cisco ASA 5510 firewall.  I found an article which was extremely useful: It had a solution if you use ASDM to config…
    Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now