?
Solved

Error 736 connecting using PPTP.

Posted on 2006-07-20
8
Medium Priority
?
3,414 Views
Last Modified: 2007-12-19
I am trying to connect to a VPN connection.  Using Windows XP, and all default options.  Receiving this error: TCP/IP reported error 736: The remote computer terminated the control protocol.

VPN server is SBS 2003 with SP1.  ISA server 2004 non sp2.  I have checked the RRAS settings with another known working SBS server.  They all look ok.  I have rerun the Remove access Wizard serveral time after deleted the RRAS configuration.  The wizard runs successfully and reconfigures RRAS.

I have also check the ISA server settings with another known working SBS server.  All ok.
I have disabled RRAS, rerun the Internet connection wizard, checking all options, rerun the RRAS wizard on the to-do list.  Nothing.  Usually VPN works out of the box.



I have enabled logging for RRAS server.   I did notice something in the PPP.log file.
The control protocol for 8021, returned error 1168
[3728] 07-20 11:18:10:508: while making a configure result on port 325
[3728] 07-20 11:18:10:508: FsmClose event received for protocol 8021 on port 325

Also, when I do an ipconfig the PPTP adapter for dial is set to 192.168.11.2 instead of a local ip address.  I think this may be the problem.  In RRAS, it's set to route this ip address as well.  I believe changing the address may solve my problem.  Does anyone know how to do that?
0
Comment
Question by:Supermig
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17147777
That error is generally caused by not having an IP address to be able to assign.  As you have stated, this would normally work out of the box, and you shouldn't have to do any manual routing.  While you state that the "adapter for dial is set to 192.168.11.2" I have no reference to know whether that would be a problem or not.  Generally the PPTP IP for your server is set to a different IP than it's local address.

I would suspect that either you don't have enough IP address assigned to RRAS in DHCP (the wizards should automatically assign at least 5 IP's to RRAS -- view this in DHCP Scope > Address Leases).  These IP's are perpetually leased via DHCP so they should always show up there.

Or, in ISA you either don't have VPN Client Access enabled or if you do, you don't have it set for enough clients to match the number of DHCP leases.

Jeff
TechSoEasy
0
 

Author Comment

by:Supermig
ID: 17300805
Well, I got it working for now by going into RRAS and setting the VPN adapter to use a pool of addresses from the local scope.  Unfortunately this only works for a few days.  I go back into the same settings, and they are back to using DHCP.  Also if i rerun the Connection Wizard, it resets to DHCP, obviously that doesn't work.  I need to find out where the system has gotten this ghost address.(192.168.11.2)  Sorry I didn't mention before that my server's address is 192.168.16.2, the Wan card is 192.168.1.1, so you see why the 11.2 is so weird.  I have crossedchecked the settings with the other 20 SBS servers I have installed and administer, it doesn't make any sense.
0
 

Author Comment

by:Supermig
ID: 17301746
There are no addresses in the DHCP Scope>Address Leases.  The workstations are setup to use static addresses.  But even so, there should be something there.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17305554
>>>"Also if i rerun the Connection Wizard, it resets to DHCP, obviously that doesn't work."

What do you mean that doesn't work?  If you are getting errors with the CEICW you need to resolve them.  This should be the ONLY way for you to configure your DHCP Scope as well as your RRAS pool.  This is a very good example of why the wizard must be used on an SBS... because there are about 15 different things which must be simultaneously configured for this to work right and the ONLY way to do that is with the CEICW.

Please post a complete IPCONFIG /ALL from the server and I'll be happy to review where you are at.

Jeff
TechSoEasy
0
 

Author Comment

by:Supermig
ID: 17305751
I am getting NO obvious errors running the CEICW, it runs with no hiccups.  What I mean is that my temporary fix of going into>>RRAS and manually setting the VPN adapter to use a pool of addresses from the local scope INSTEAD of Dhcp<< is reset by the CEICW.  The CEICW, obviously does what it's supposed to do.   What it is also doing, is setting the VPN adapter address (which you can see by the ipconfig below,) to an address that is foreign to the local subnet.  Because of that, a VPN connection is not initialized correctly.  

So, I need to figure out one of two things:

1. Go into the script the CEICW uses and fix the wrong setting(s). or,
2. Manually set the ip address of the VPN adapter.


Here is an ipconfig for your review anyway, settings after the CEICW has ran:

Windows IP Configuration



   Host Name . . . . . . . . . . . . : sbserver

   Primary Dns Suffix  . . . . . . . : *******.local

   Node Type . . . . . . . . . . . . : Unknown

   IP Routing Enabled. . . . . . . . : Yes

   WINS Proxy Enabled. . . . . . . . : Yes

   DNS Suffix Search List. . . . . . : *******.local



Ethernet adapter Server Local Area Connection:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection

   Physical Address. . . . . . . . . : 00-11-11-8D-0F-F9

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.16.2

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . :

   DNS Servers . . . . . . . . . . . : 192.168.16.2

   Primary WINS Server . . . . . . . : 192.168.16.2



Ethernet adapter Internet Connection:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Intel(R) PRO/100 S Desktop Adapter

   Physical Address. . . . . . . . . : 00-0E-0C-65-6E-0C

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.1.1

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 192.168.1.254

   DNS Servers . . . . . . . . . . . : 192.168.16.2

   Primary WINS Server . . . . . . . : 192.168.16.2

   NetBIOS over Tcpip. . . . . . . . : Disabled



PPP adapter RAS Server (Dial In) Interface:



   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface

   Physical Address. . . . . . . . . : 00-53-45-00-00-00

   DHCP Enabled. . . . . . . . . . . : No

   IP Address. . . . . . . . . . . . : 192.168.11.2

   Subnet Mask . . . . . . . . . . . : 255.255.255.255

   Default Gateway . . . . . . . . . :

   NetBIOS over Tcpip. . . . . . . . : Disabled

0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 17314981
The first thing you need to do is remove the WINS server setting from your External NIC.  Then, I'm guessing that you hae a ghosted IP address that you initially used on your server.  Just use the CHANGE SERVER IP ADDRESS wizard and set it to it's current IP of 192.168.16.2 (which it already is, but obviously not everywhere).  The Change Server IP Address Wizard should fix this.

Jeff
TechSoEasy
0
 

Author Comment

by:Supermig
ID: 17316251
Your answer did lead me to fix the problem.  This is what I did.

1.  Removed the WINS setting from the WAN card.
2.  Using the wizard, changed the server ip address to 16.3, and then back to 16.2
3.  Deleted the RRAS configuration.
4.  Reran the CEICW.

Presto.  Give Jeff a medal.  Thanks man.  You're awesome.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17316424
Glad you got it resolved... generally you don't have to change the server IP back and forth, but if that worked then great!  The wizard does allow you to "change" the IP to the current IP address.  

Deleting the RRAS configuration was also a good idea since manually tinkering with it would make it difficult to un-tinker.  Since the CEICW rebuilds it anyhow, there's no problem in deleting.  FYI, you should also run the Configure Remote Access Wizard so that your VPN Clients are configured properly for download (Small Business Server Connection Manager, downloaded  from Remote Web Workplace main menu).

Jeff
TechSoEasy
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The problem of the system drive in SBS 2003 getting full continues to be an issue, even though SBS 2008 and SBS 2011 are both in the market place.  There are several solutions to this, including adding additional drive space or using third party uti…
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question