PPTP ports do not display in RRAS

PPTP ports are suddenly missing from RRAS. PPTP clients cannot connect. Have already disabled & reconfigured RRAS on server. PPPoE and L2TP will display. Have gone into port configuration & made sure PPTP is enabled for RAS w/ various numbers of available ports. Event logs do not show any relavent information. Any & all help would be greatly appreciated.
Who is Participating?
spgcsConnect With a Mentor Author Commented:
Hi guys, thanks for the help
At one point, enabling RRAS killed the servers network connection so I had to just go there.
In the end, here's what fixed it:
Disabled RRAS
Stopped all blackberry services
Flushed DNS
Ran nbtstat -R
Ran netsh int ip reset c:\resetlog.txt
Reinstalled RRAS
Restarted Blackberry services
Amit BhatnagarTechnology Consultant - SecurityCommented:
Are you using an SBS Server? Do you have ISA installed on it? Type netstat -pan tcp on the command prompt. Do you see 1723 as an open\listening port? Use TCPView from SysInternals to see if by any chance, some other application is listening on that port. Check EventViewer....Normally when applications are not able to capture ports on which they are supposed to be listening, they throw an event. Do let me know if u get any events?
spgcsAuthor Commented:
Yes it is an SBS server. No, we don't have ISA. This is everything referencing 1723 from running the netstat command:
No pertinanent information from Event Viewer
Got TCPView --handy program, thanks. but nothing is grabbing 1723
Any other thoughts would be greatly welcomed.
WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Amit BhatnagarTechnology Consultant - SecurityCommented:
Did you, in the recent past installed any program which modifies TCPIP/Winsock properties? like a Software Firewall, Network monitoring Software. Also, you mentioned that PPTP ports are not showing up. Can you please post a screenshot of the 'Ports' section of RRAS here? What all other services are installed on this Server like Exchange\AD\DNS\DHCP etc? In such cases, we can try resetting the TCP\IP as well but we normally keep that as a last option.
spgcsAuthor Commented:
No we did not add any new programs. Can't do a screenshot right now but the ports section lists L2TP and PPPoE ports, just not PPTP.
Other services:
Blackberry BES
Symantec Antivirus
Mozypro online backup
That netstat output doesn't look right to me.  It appears as though the server has established a connection with itself between ports 1722 and 1723.  I ran the same command on a server I've got configured for PPTP access, and the output was as follows regarding port 1723:

TCP               LISTENING

This is what I would expect to see, as there is no connection established on 1723 at the moment.  Run netstat again, but also include the -o switch ("netstat -pano tcp") to list the process IDs associated with the connections.  Note the PID associated with port 1723, then run tasklist to get the name of the process that holds that PID.
Amit BhatnagarTechnology Consultant - SecurityCommented:
No, that was the loopback that you saw. We did not see any Listening ports on the IP (which means all interfaces). This is what we SHOULD see...

Now, look at this interesting post on this website...

Tried connecting to VPN from my computer. Could not connect. Conclusion: remote user is neither stupid nor crazy. 
Tried to telnet to server over port 1723. Could not connect. 
Checked firewall logs for dropped connections on port 1723. None there. 
Disabled VPN access at firewall. Tried to connect again. Failed again. Checked logs again. Showed dropped connection. Conclusion: firewall is not the problem; when the rule is enabled, it is successfully letting PPTP traffic through. 
Checked status of Routing and Remote Access Service. Looked fine. Restarted service anyway. Still cant connect to VPN. 
Ran netstat -a on server to see if server was listening for connections on port 1723. It was, but it was in CLOSE_WAIT status. A-ha! Now were on to something. 
Ran netstat -b -v -o to see what exactly is using port 1723. Surprise! The executable involved is store.exe, i.e., Microsoft Exchange. What the hell is Exchange doing using port 1723? 
Restarted Exchange Information Store. (Not easy  had to try several times before it successfully stopped.) Ran netstat again after services restarted. Now server not listening on port 1723 at all. Progress, I suppose, but not good enough. 
Restarted RRAS. Still not listening on 1723. Started swearing. Didnt help. 
Started Blackberry Enterprise Server Dispatcher, Policy, and Synchronization services, which had to be stopped in order to stop Exchange store. Tried VPN again. It works! 

Open in new window

Amit BhatnagarTechnology Consultant - SecurityCommented:
I am glad, the issue got resolved. Tc.
Closed, 500 points refunded.
Community Support Moderator
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.