Solved

VPN will not authenticate on PC running BSafeOnline firewall (that is disabled)

Posted on 2006-06-20
8
710 Views
Last Modified: 2012-06-21
I'm trying to help establish a VPN connection to a client's office. He's using the MS standard client that is working fine for me, as are his credentials. The Windows firewall has been turned off. The only additional piece of software he is using is a firewall called BSafeOnline. It's very similar in appearance to Norton security center. The spam, firewall and virus controls are bundled togther. There is no real configuration to allow traffic, only block and while remoted into his PC, we turned the service completely off. Still no luck. I realize this is extremely vague, but I was hoping someone has at least come across BSafeOnline and can offer a little assistance. Their website offered no help at all.

Thanks!
0
Comment
Question by:119support
  • 3
  • 2
8 Comments
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
I am confused, which doesn't take much....I am reading, you are trying to connect to site 1 (the office). You can connect from your site, but the client cannot connect to site one from his site which is running BeSafe. Am I correct? If so most firewalls, though BeSafe operates differently, will give you a message when an out going service such as a VPN tires to connect. If there is no message it may be something else. Some router doe not support VPN/PPTP traffic, others require you log on an enable GRE traffic, which is most often referred to as PPTP pass-through. Is that an option other router. If possible you might also try connecting directly to the modem by-passing any routers, as a test. There are also a few ISP's that do not support PPTP. Is there an other computer, or laptop you could try from the client's site to see if the problem is the network hardware or BeSafe?
0
 
LVL 2

Author Comment

by:119support
Comment Utility
Sorry, maybe my fingers got ahead of my brain.

Yes, you are correct. He's having the problem connecting from home to the office while I have no problems doing the same from my house using his credentials. Perhaps I should have been more forthcoming with the information on his setup. He has no router and is connected directly to the modem using broadband Earthlink. The BSafe is the firewall, much like Zone Alarm or Sygate.

We set up the VPN connection using the Windows add connection wizard. No 3rd party clients. When he tries to connect, he receives error 721 which says it has been refused at the office (the server is running RAS). A lookup of that error says just what you have explained. That the PPTP port is not open. Again, I don't receive this error and there is no reasoning for the server to deny him access since I pass with the same information.

That leaves the BSafe software. There is no way to configure allowed traffic, only blocked. Turning the service itself off completely shuts down internet access (Contrary to what I posted above. I meant disabling the firewall within the software.) There is no FAQ or forum on the website that offers any help. I can't ask him to remove the software because it is pay and he has his reasons for using it.

If anyone has experience with this software or can offer a way to force open the PPTP port I would appreciate it. I guess the last resort would be for him to contact their tech support.

I also bumped the points on this to 500. I'm not familiar with the points system here so sorry if it seemed I was holding out on you guys.

Thanks!
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Is it possible for you to try your computer from his site? This would rule out the ISP and the modem. Though not that common, either can block PPTP traffic.

>>"not familiar with the points system here so sorry if it seemed I was holding out on you guys."
Doubt that is an issue, it is more a lack of familiarity with BeSafe.

One other common problem with VPN's, but it doesn't usually result in a 721 error, is the subnets at either end of a VPN tunnel should be different. Though the Windows client will usually work, if the office uses 192.168.1.x, as an example, then the remote site needs to use something different such as 192.168.2.x Is there a possibility of duplicate subnets at his location?
0
 
LVL 2

Author Comment

by:119support
Comment Utility
>>"not familiar with the points system here so sorry if it seemed I was holding out on you guys."
Doubt that is an issue, it is more a lack of familiarity with BeSafe.

I meant for only offering 250 points on this question to start out.


Doubtful on the subnets. I setup their DC just a week ago to give out 10.168.0.X and with his PC being directly connected to the modem, he is pulling the public IP.

I doubt I will have access to his home, but I also doubt that Earthlink blocks PPTP traffic. Our's here in NC is just an offshoot of TWC and we all use the same Surfboard modems, varying just a bit in model number. They run in bridged mode only so there is no configurability there.

I'll try to get back into that BSafe software and look around a bit.

Thanks Rob!
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
Comment Utility
Surfboard modems will not block PPTP traffic, but I did some reading and Earthlink's T1 connections require you request PPTP to be opened, so it is possible they do the same with DSL/ADSL connections. Also Earthlink sells VPN services, so they might disable VPN traffic in favor of selling their own services. Just a long shot, if you think of nothing else, it might be worth a call, though I agree, it is probably the BeSafe software.
Good luck.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Downtime reduced, data recovered by utilizing an Experts Exchange Business Account Challenge The United States Marine Corps employs more than 200,000 active-duty Marines with operations in four continents, all requiring complex networking system…
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now