Link to home
Start Free TrialLog in
Avatar of Member_2_4587346

asked on

PPTP connection to SBS 2003 server but only one connection per public IP?

Hi all,

This is the setup:
- Office server running SBS 2003 using PPTP for clients to connect.
- Office Internet provided by Comcast.
- Client laptops running XP and Vista
- Users travel among several sites.
- Client locations are all using Qwest DSL.

All remote sites except one allow multiple computers to connect to the server using PPTP, although this wasn't always the case, only in the last several weeks has this become an issue and no hardware has been changed.  At this site only one computer at a time can connect from whatever the public IP is at the time, the connection from all the other computers stops at "Verifying username and password" until error 721 - "remote computer did not respond" is displayed.  If I disconnect the PPTP connection, wait approximately 10 minutes and then try a random computer it will connect using PPTP but no other computer will be able to do so.  Similarly, if I reboot the DSL modem any random computer will be able to connect using PPTP immediately, probably since the modem now has a different IP.  (I have the same DSL modem at my house and have noticed the same symptoms among my own computers when testing to the same server, i.e. only one at a time will be allowed but I thought is was just funkiness on my end and didn't worry about it).  The error listed on the server is #20209 and #20049 (essentially an authentication timeout).  Since this problem is not present using the same office laptops at any other site where an identical setup with DSL is used I'm not sure where to go next.  Is there a policy that can be set on the server to allow only one connection per IP?  This doesn't make a lot of sense since this doesn't happen to other sites but still worth a try.


Avatar of waynewilliams
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
As per waynewilliams, Is your router provided by and managed by Comcast or a thrid party?
Are you aware of any firmware or software updates being applied to the router.
Are you able to check the number of available "Connections" in RRAS to make sure there is more than one?
Avatar of Member_2_4587346


The router/firewall is just a Qwest modem performing NAT with the firewall portion turned off, just the default settings.

The Comcast modem is at the main office and I do have access to it, however I don't think the problem is there since other remote sites can connect to it with multiple VPN sessions.

I'll check on firmware updates for the Qwest modem at the remote site.

Yes, there are plenty of available connections in RRAS.

Figured it out, Wayne had the right answer about not passing one GRE session out.  The easiest solution was to use a DMZ from the Qwest modem to an internal router/firewall that's more configurable.  Thanks for your help!