Solved

VPN will not authenticate on PC running BSafeOnline firewall (that is disabled)

Posted on 2006-06-20
8
712 Views
Last Modified: 2012-06-21
I'm trying to help establish a VPN connection to a client's office. He's using the MS standard client that is working fine for me, as are his credentials. The Windows firewall has been turned off. The only additional piece of software he is using is a firewall called BSafeOnline. It's very similar in appearance to Norton security center. The spam, firewall and virus controls are bundled togther. There is no real configuration to allow traffic, only block and while remoted into his PC, we turned the service completely off. Still no luck. I realize this is extremely vague, but I was hoping someone has at least come across BSafeOnline and can offer a little assistance. Their website offered no help at all.

Thanks!
0
Comment
Question by:119support
  • 3
  • 2
8 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16948005
I am confused, which doesn't take much....I am reading, you are trying to connect to site 1 (the office). You can connect from your site, but the client cannot connect to site one from his site which is running BeSafe. Am I correct? If so most firewalls, though BeSafe operates differently, will give you a message when an out going service such as a VPN tires to connect. If there is no message it may be something else. Some router doe not support VPN/PPTP traffic, others require you log on an enable GRE traffic, which is most often referred to as PPTP pass-through. Is that an option other router. If possible you might also try connecting directly to the modem by-passing any routers, as a test. There are also a few ISP's that do not support PPTP. Is there an other computer, or laptop you could try from the client's site to see if the problem is the network hardware or BeSafe?
0
 
LVL 2

Author Comment

by:119support
ID: 16955932
Sorry, maybe my fingers got ahead of my brain.

Yes, you are correct. He's having the problem connecting from home to the office while I have no problems doing the same from my house using his credentials. Perhaps I should have been more forthcoming with the information on his setup. He has no router and is connected directly to the modem using broadband Earthlink. The BSafe is the firewall, much like Zone Alarm or Sygate.

We set up the VPN connection using the Windows add connection wizard. No 3rd party clients. When he tries to connect, he receives error 721 which says it has been refused at the office (the server is running RAS). A lookup of that error says just what you have explained. That the PPTP port is not open. Again, I don't receive this error and there is no reasoning for the server to deny him access since I pass with the same information.

That leaves the BSafe software. There is no way to configure allowed traffic, only blocked. Turning the service itself off completely shuts down internet access (Contrary to what I posted above. I meant disabling the firewall within the software.) There is no FAQ or forum on the website that offers any help. I can't ask him to remove the software because it is pay and he has his reasons for using it.

If anyone has experience with this software or can offer a way to force open the PPTP port I would appreciate it. I guess the last resort would be for him to contact their tech support.

I also bumped the points on this to 500. I'm not familiar with the points system here so sorry if it seemed I was holding out on you guys.

Thanks!
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16956577
Is it possible for you to try your computer from his site? This would rule out the ISP and the modem. Though not that common, either can block PPTP traffic.

>>"not familiar with the points system here so sorry if it seemed I was holding out on you guys."
Doubt that is an issue, it is more a lack of familiarity with BeSafe.

One other common problem with VPN's, but it doesn't usually result in a 721 error, is the subnets at either end of a VPN tunnel should be different. Though the Windows client will usually work, if the office uses 192.168.1.x, as an example, then the remote site needs to use something different such as 192.168.2.x Is there a possibility of duplicate subnets at his location?
0
 
LVL 2

Author Comment

by:119support
ID: 16956697
>>"not familiar with the points system here so sorry if it seemed I was holding out on you guys."
Doubt that is an issue, it is more a lack of familiarity with BeSafe.

I meant for only offering 250 points on this question to start out.


Doubtful on the subnets. I setup their DC just a week ago to give out 10.168.0.X and with his PC being directly connected to the modem, he is pulling the public IP.

I doubt I will have access to his home, but I also doubt that Earthlink blocks PPTP traffic. Our's here in NC is just an offshoot of TWC and we all use the same Surfboard modems, varying just a bit in model number. They run in bridged mode only so there is no configurability there.

I'll try to get back into that BSafe software and look around a bit.

Thanks Rob!
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 16956781
Surfboard modems will not block PPTP traffic, but I did some reading and Earthlink's T1 connections require you request PPTP to be opened, so it is possible they do the same with DSL/ADSL connections. Also Earthlink sells VPN services, so they might disable VPN traffic in favor of selling their own services. Just a long shot, if you think of nothing else, it might be worth a call, though I agree, it is probably the BeSafe software.
Good luck.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
computers cannot communicate with each other 8 80
internet access from windows servers 4 72
ADMT Intra Forest migration questions 7 181
Password recovery software 4 26
Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question