119support
asked on
VPN will not authenticate on PC running BSafeOnline firewall (that is disabled)
I'm trying to help establish a VPN connection to a client's office. He's using the MS standard client that is working fine for me, as are his credentials. The Windows firewall has been turned off. The only additional piece of software he is using is a firewall called BSafeOnline. It's very similar in appearance to Norton security center. The spam, firewall and virus controls are bundled togther. There is no real configuration to allow traffic, only block and while remoted into his PC, we turned the service completely off. Still no luck. I realize this is extremely vague, but I was hoping someone has at least come across BSafeOnline and can offer a little assistance. Their website offered no help at all.
Thanks!
Thanks!
Rob Williams
I am confused, which doesn't take much....I am reading, you are trying to connect to site 1 (the office). You can connect from your site, but the client cannot connect to site one from his site which is running BeSafe. Am I correct? If so most firewalls, though BeSafe operates differently, will give you a message when an out going service such as a VPN tires to connect. If there is no message it may be something else. Some router doe not support VPN/PPTP traffic, others require you log on an enable GRE traffic, which is most often referred to as PPTP pass-through. Is that an option other router. If possible you might also try connecting directly to the modem by-passing any routers, as a test. There are also a few ISP's that do not support PPTP. Is there an other computer, or laptop you could try from the client's site to see if the problem is the network hardware or BeSafe?
ASKER
Sorry, maybe my fingers got ahead of my brain.
Yes, you are correct. He's having the problem connecting from home to the office while I have no problems doing the same from my house using his credentials. Perhaps I should have been more forthcoming with the information on his setup. He has no router and is connected directly to the modem using broadband Earthlink. The BSafe is the firewall, much like Zone Alarm or Sygate.
We set up the VPN connection using the Windows add connection wizard. No 3rd party clients. When he tries to connect, he receives error 721 which says it has been refused at the office (the server is running RAS). A lookup of that error says just what you have explained. That the PPTP port is not open. Again, I don't receive this error and there is no reasoning for the server to deny him access since I pass with the same information.
That leaves the BSafe software. There is no way to configure allowed traffic, only blocked. Turning the service itself off completely shuts down internet access (Contrary to what I posted above. I meant disabling the firewall within the software.) There is no FAQ or forum on the website that offers any help. I can't ask him to remove the software because it is pay and he has his reasons for using it.
If anyone has experience with this software or can offer a way to force open the PPTP port I would appreciate it. I guess the last resort would be for him to contact their tech support.
I also bumped the points on this to 500. I'm not familiar with the points system here so sorry if it seemed I was holding out on you guys.
Thanks!
Yes, you are correct. He's having the problem connecting from home to the office while I have no problems doing the same from my house using his credentials. Perhaps I should have been more forthcoming with the information on his setup. He has no router and is connected directly to the modem using broadband Earthlink. The BSafe is the firewall, much like Zone Alarm or Sygate.
We set up the VPN connection using the Windows add connection wizard. No 3rd party clients. When he tries to connect, he receives error 721 which says it has been refused at the office (the server is running RAS). A lookup of that error says just what you have explained. That the PPTP port is not open. Again, I don't receive this error and there is no reasoning for the server to deny him access since I pass with the same information.
That leaves the BSafe software. There is no way to configure allowed traffic, only blocked. Turning the service itself off completely shuts down internet access (Contrary to what I posted above. I meant disabling the firewall within the software.) There is no FAQ or forum on the website that offers any help. I can't ask him to remove the software because it is pay and he has his reasons for using it.
If anyone has experience with this software or can offer a way to force open the PPTP port I would appreciate it. I guess the last resort would be for him to contact their tech support.
I also bumped the points on this to 500. I'm not familiar with the points system here so sorry if it seemed I was holding out on you guys.
Thanks!
Is it possible for you to try your computer from his site? This would rule out the ISP and the modem. Though not that common, either can block PPTP traffic.
>>"not familiar with the points system here so sorry if it seemed I was holding out on you guys."
Doubt that is an issue, it is more a lack of familiarity with BeSafe.
One other common problem with VPN's, but it doesn't usually result in a 721 error, is the subnets at either end of a VPN tunnel should be different. Though the Windows client will usually work, if the office uses 192.168.1.x, as an example, then the remote site needs to use something different such as 192.168.2.x Is there a possibility of duplicate subnets at his location?
>>"not familiar with the points system here so sorry if it seemed I was holding out on you guys."
Doubt that is an issue, it is more a lack of familiarity with BeSafe.
One other common problem with VPN's, but it doesn't usually result in a 721 error, is the subnets at either end of a VPN tunnel should be different. Though the Windows client will usually work, if the office uses 192.168.1.x, as an example, then the remote site needs to use something different such as 192.168.2.x Is there a possibility of duplicate subnets at his location?
ASKER
>>"not familiar with the points system here so sorry if it seemed I was holding out on you guys."
Doubt that is an issue, it is more a lack of familiarity with BeSafe.
I meant for only offering 250 points on this question to start out.
Doubtful on the subnets. I setup their DC just a week ago to give out 10.168.0.X and with his PC being directly connected to the modem, he is pulling the public IP.
I doubt I will have access to his home, but I also doubt that Earthlink blocks PPTP traffic. Our's here in NC is just an offshoot of TWC and we all use the same Surfboard modems, varying just a bit in model number. They run in bridged mode only so there is no configurability there.
I'll try to get back into that BSafe software and look around a bit.
Thanks Rob!
Doubt that is an issue, it is more a lack of familiarity with BeSafe.
I meant for only offering 250 points on this question to start out.
Doubtful on the subnets. I setup their DC just a week ago to give out 10.168.0.X and with his PC being directly connected to the modem, he is pulling the public IP.
I doubt I will have access to his home, but I also doubt that Earthlink blocks PPTP traffic. Our's here in NC is just an offshoot of TWC and we all use the same Surfboard modems, varying just a bit in model number. They run in bridged mode only so there is no configurability there.
I'll try to get back into that BSafe software and look around a bit.
Thanks Rob!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.