nwteam
asked on
VPN - "Error 628: The connection was terminated by the remote computer....."
We have a Small Business Server 2003 Premium Edition that had chronic "Error 800: Unable to establish connection" errors every time we tried to establish a PPTP VPN connection. This KB article seemed to describe the problem quite well and the patch here was applied: http://support.microsoft.com/?kbid=948496
However, now we have a different error - "Error 628: The connection was terminated by the remote computer before it could be completed. For furhter assistance, click More Info or search Help and Support Center for this error number". This is actually an issue with both incoming and outgoing VPN but right now we're only worried about outgoing VPN.
We've ruled out the modem - it's been replaced by one that definitely does do PPTP / GRE passthrough. A laptop plugged directly into this modem can VPN out and can be VPN'd into.
The rules on the ISA server have a temporary rule to allow all traffic from and to all networks.
We're running out of ideas....
WAN Interface on server:
IP Address. . . . . . . . . . . . : 10.0.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 192.168.16.254
Primary WINS Server . . . . . . . : 192.168.16.254
LAN Interface on server (highest in search order):
IP Address. . . . . . . . . . . . : 192.168.16.254
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.254
Primary WINS Server . . . . . . . : 192.168.16.254
Can anybody hep?
However, now we have a different error - "Error 628: The connection was terminated by the remote computer before it could be completed. For furhter assistance, click More Info or search Help and Support Center for this error number". This is actually an issue with both incoming and outgoing VPN but right now we're only worried about outgoing VPN.
We've ruled out the modem - it's been replaced by one that definitely does do PPTP / GRE passthrough. A laptop plugged directly into this modem can VPN out and can be VPN'd into.
The rules on the ISA server have a temporary rule to allow all traffic from and to all networks.
We're running out of ideas....
WAN Interface on server:
IP Address. . . . . . . . . . . . : 10.0.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DNS Servers . . . . . . . . . . . : 192.168.16.254
Primary WINS Server . . . . . . . : 192.168.16.254
LAN Interface on server (highest in search order):
IP Address. . . . . . . . . . . . : 192.168.16.254
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.254
Primary WINS Server . . . . . . . : 192.168.16.254
Can anybody hep?
ASKER
Yep - done all of that. ISA2004 SP3, SBS 2003 SP1 and then SP2 put on top of that.
Thanks
Thanks
So what do you see in the realtime log on ISA when a connection attempt is made?
ASKER
Only 3 lines per attempt.....
Destination IP, Destination Port, Protocol, Action, Client IP
x.x.x.x, 1723, PPTP, Initiated Connection, 10.0.0.2
x.x.x.x, 0, PPTP, Initiated Connection, 10.0.0.2
x.x.x.x, 1723, PPTP, Closed Connection, 10.0.0.2
Destination IP, Destination Port, Protocol, Action, Client IP
x.x.x.x, 1723, PPTP, Initiated Connection, 10.0.0.2
x.x.x.x, 0, PPTP, Initiated Connection, 10.0.0.2
x.x.x.x, 1723, PPTP, Closed Connection, 10.0.0.2
I have the same problem. This happens when you try to connect to a vpn from behind ISA.
ASKER
It was the modem afterall. While having the PPTP pass through ability, it seems certain Linksys modems that have VPN features built in do not function well behind ISA where VPN is concerned. So basically what I'd done to try fix the problem complicated it. I would have been better applying the patch and keeping the original modem!
Use RRAS instead
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Have you applied the sbs2003 sp1 and upgraded ISA to 2004?
Have you applied the ISA 2004 sp3?