Link to home
Start Free TrialLog in
Avatar of thompsontech
thompsontech

asked on

PPTP VPN Error 721 issue for 1 out 25 users

Hello,

Very frustrated with this issue.  I have searched here, and via google and can not come up with a real answer to the problem.

We have a network with 25 users on Laptops.  We also have Windows 2003 server handleing all VPN connections and authentication.  Everybody can connected using a PPTP VPN without issue, excpet 1 user.  It connects, and then stalls while verifing user name and password, giving an error 721.

He uses TrendMicro Total Internet Security for AV & firewall.  Windows firewall is disabled.  I tried configuring the firewall, and even disabling it completely.  Still doesn't work.  I shut the software completely off, still no go.  I have tried from a variaty of internet sources, wired, wireless, mobile broadband, from a variety of sources.  I have basically varified that the problem is with the machine it's self, not a router, firewall or other external source.  I still get the same Error 721.  Does anybody have any tips or ideas to look at?

Thanks
SOLUTION
Avatar of debuggerau
debuggerau
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of arnold
Did you create a new PPTP connection or were you using the existing one.

Is the PPTP connection configured on this laptop is the same as the ones on the working model?

Did you try the connection from the same location where another laptop had no problem establishing a VPN?

A 721 error is almost always caused by blocked GRE protocol. This can be due to many issues at either end of the tunnel, but it sounds like you have narrowed it down to the client machine itself. Several security applications such as Symantec have to actually be uninstalled to allow GRE, simply shutting them down does not do it. Trend is one that can block GRE but I don't know if it actually has to be removed. Even some Anti-virus applications will block GRE such as Symantec if "internet worm protection" is enabled. Assuming you have tried from behind different routers and different ISP's I would suggest focusing on the security apps on the PC.
Avatar of thompsontech
thompsontech

ASKER


I have tried using the VPN from multiple internet access points; mobile broadband, the users home internet, and another access point.  In the case of the mobile broadband, other working PC's have been able to access the VPN without issue.

I configured the VPN link myself, and it is setup the same as on every other machine.  I removed the VPN and reinstalled it on at least three occasions.  Using both IP address and the url that points to the static IP.  Again, using settings that work on all other PC's with access.

The mobile broadband, is my own and was installed for testing this issue out.  I use it on a regualr basis on at least 3 other PCs for VPN access.

I suspect the GRE issue is the culprit, but not sure how to verify whether it's currently blocked.  

I have since learned a Symantec security suite was once used, but has been uninstalled.  TrendMicro is now the security suite used.  While in the TrendMicro's Internet Security  application I was unable to determine how to verify the status of the GRE portocol.

Any ideas related to this Security Suite would be helpful.  If I unistall the suite, I will still need to reinstall so not to leave the user exposed, so I need to find out how to configure it properly.

Thanks,
See if you have an option to add an exemption for protocol 47 (GRE) within its firewall configuration.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Could be something TCPIP related to windows like the MTU setting or something similar.

If you have GRE pass-through, I would check your TCP settings with DrTCP...

SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
but the firewall was disabled was the claim above...

Anyways, happy you have it sorted..

I am looking in to trying the above fix from glzeiger.  I will report back as soon as I am able to work on the machine in question.  Currently, he is on the east and his internet is down, and I am on the west coast, so trying things out is a little slow sometimes, but I apreciate everybodies input.
I have gone round and round with this issue for sometime.  It has taken even longer due to the fact the machine is very rarley under my direct control.  The user and the machine are live on the east coast (I'm with the rest of the company on the west coast).  

After trying many things mentioned both here and other places I fianally set up a test machine with the same A/V firewall setup and was able to replicate the problem.  Could not find a solution.

Contacted TrendMicro (probably should have done this earlier) and was told point blank, PPTP VPN connections are not supported with this software firewall.  If I needed a PPTP VPN then I was directed to uninstall their firewall.

I did that and the problem was resolved.  I should note, disabling the firewall will not help, it must be uninstalled.  

I'm leaving the issue alone at this point and having the user uninstall their TrendMicro firewall, and will move on to another solution as needed.

Thanks for the help!
Glad to hear you have at least found the problem. As mentioned in ID:24100029, TrendMicro is known to be a problem with VPN's.
--Rob