• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1134
  • Last Modified:

Can't connect more than two clients through SBS VPN--> 736 error

We have an office sever with SBS 2003 and VPN setup. We have no problem connecting two remote XP clients to the network, but when a third tries to connect we get
"TCP/IP CP reported error 736: The remote computer terminated the control protocol."  I know that SBS 2003 will not allow more that two terminal service connections is this
the same for VPN?  If not, how can I get more than two connections?
  • 2
1 Solution
It's acting like there are only 2 vpn ports defined for that protocol in RRAS.  Either that or the assigned IP addresses (whether static or through bridging dhcp) have only 2 available and then cannot create a port for the third.  By default I believe there are like 10 or 11 concurrent connections setup in SBS, but really only half that as half are L2TP and other half are PPTP, of which you are most likely only using one.

Look in RRAS (Routing and Remote Access).  Click on Ports. And see how many PPTP ports you have showing in the list.  If it's more than two or three then right click on the "server name (Local)" and select Properties.  (If it's not more than three then you need add more PPTP ports.

Click on the IP tab and see whether you are using DHCP on the server or static IP's.  If static IP's note how many there are and jot down the IP's listed.  (If you're using static IP's and you added more PPTP ports above then you'll also need to add more static IP addresses to match that number).  Now click on the Logging tab and select "log all events".

If you were using DHCP, Close out those windows and go to your DHCP server.  Open up your main Scope, then Client Leases.  You should see several listings with the little dial up networking symbol icon beside them (with a little phone).  See how many you have, and notate the IP addresses.  If less than the number of ports you had above you need to add more to the dhcp leases.  If not then check those IP addresses and insure that you haven't added static IP's somewhere in the network that overlap that list of dhcp lease addresses.

Finally, have your users attempt to log on to vpn and get the error:

To enable RAS logs run command “netsh ras set tracing * enabled”  (for some reason this is frequently disabled in SBS regardless of what you set in the logging directory)
Now have those 3 users attempt to recreate the error by logging in.
Now immediately dump the RAS logs to disk by typing “netsh ras set tracing * disabled” command.
Check the logs at c:\windows\tracing directory (or your main win directory if different)
Some of the files where you can look to debug the problem are –

Also see the “Event viewer” and see if you can find any by “RemoteAccess” .

Error codes related to RRAS are listed at http://support.microsoft.com/kb/q163111/ 

Let us know what you find

Matt Ridings
MSR Consulting
DBBurnsINAuthor Commented:
Thanks Matt, all I had to do was change the IP setting from DHCP to Static and it worked.
Cool, probably didn't have enough IP's in your dynamic pool.

Glad it worked,

Matt Ridings
MSR Consulting
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now