Solved

How to VPN through DirecWay DW7000 (HN7000) Satellite connection to Windows 2003 RRAS PPTP or L2TP VPN

Posted on 2006-11-22
5
455 Views
Last Modified: 2008-02-01
The title says it all. We're connecting to the vpn host, but not getting beyond authentication. Has anybody successfully done this? Must I enable PAP authentication on the RRAS server?
0
Comment
Question by:jhafer2802
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17999278
Often times a VPN is not possible over a satellite connection for 2 reasons.
1) The basic design of satellite networks causes significant end to end propagation delays that results in ping replies which are often between 300 and 500ms which  drastically degrades performance (should be no more than 125ms)  
2) the satellite connection will often not support various encryption protocols such as PPTP and IPSec
A couple of articles explaining some of these difficulties:
http://compnetworking.about.com/od/vpn/f/vpnandsatellite.htm
http://www.agristar.com/satellite_vpn.shtml
http://forum.ecoustics.com/bbs/messages/34579/127542.html
0
 

Author Comment

by:jhafer2802
ID: 18000711
According to the DirecWay/HughesNet support pages, it is possible to make a VPN connection to a Windows RRAS VPN, although performance can be expected to be reduced by aproximately 50%. They do not however provide specific documentation of the configuration required to make said connection. I am able to make an initial connection to the RRAS server, which prompts for authentication, but the authentication fails with an error 721.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 75 total points
ID: 18000733
The 721 error almost certainly indicates that the GRE protocol is being blocked at some point. Check that all routers have PPTP pass-through enabled, if possible. Since you mention " DirecWay/HughesNet support pages, it is possible to make a VPN connection to a Windows RRAS VPN" they seem to support PPTP/GRE. However with 50% loss in performance it may be difficult to maintain the connection.

There are a couple of tests you can do to check if port forwarding for PPTP is configured correctly and that GRE is allowed to pass.

To verify PPTP, port 1723, is forwarded; from the VPN server go to the following site and test for port 1723:
http://www.canyouseeme.org

Assuming that is working correctly, Microsoft has a pair of test tools pptpsrv and pptpclnt, to test for GRE pass-through, which are available as part of the Windows resource kit or from:
http://www3.ns.sympatico.ca/malagash/Downloads/Net/

Log onto the client or VPN server machine and connect to the other with remote desktop, or a similar remote management tool. At a command line on the client machine, run pptpclnt and on the server run pptpsrv. The client machine will send a set of GRE packets to the server and it should show as received if GRE is able to pass. The server is then supposed to respond and the client indicate received, but I have never had that part work. The one direction client to server is usually enough to test.

Following links outline the use of the test tools:
http://www.howtonetworking.com/Tools/testgre.htm
See VPN traffic:
http://www.microsoft.com/technet/community/columns/cableguy/cg0105.mspx
0

Featured Post

The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses
Course of the Month3 days, 11 hours left to enroll

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question