Link to home
Create AccountLog in
Avatar of telmoj
telmoj

asked on

TMG 2010 - PPTP VPN not allowing some clients to connect

Hi!
 
I have installed TMG 2010 STD on Windows Server 2008 R2 STD, This server is installed on an Hyper-V machine, also running Windows Server 2008 R2 STD. On the hyper-v I removed the TCP-IP/v4 check mark to ensure no comunitation is established througt that network connection.  On TMG i've turned on VPN connection for PPTP clients. All fine and running.
 
When the users started to connect some of them connected fine... BUT some couldn't... They receive error: A connection between the VPN server and the VPN client **.***.***.** has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47).
 
After a lot of time... and trying to solve the problem, I though... hey... maybe it is some problem on the Router... so... I bough another... same problem... So I bought yet another (Cisco LincSys/SMC/Cisco LincSys). Nothing... didn't worked. I shutdown the 1st TMG, removed it from the Domain (Windows 2008) and... installed another TMG 2010... puff... same problem.
 
Still a clue, If those clients that cannot connect to the VPN, connect first to another VPN also on PPTP with TMG... they can connect with no problems.
 
I have NO idea of what the problem is... can someone help me?
 
There are some how says "The Solution is to disable PPTP filter on PPTP protocol" but my TMG doens't give me the option to disable it... just shows me properties.
 
The lan is configured as this:

Router-> 192.168.1.1 (default gateway) -> TMG 192.168.1.3

TMG -> 10.10.1.224/255.255.0.0
 
DC -> 10.10.1.221
 
>netstat -ano |findstr ":1723"
   TCP    0.0.0.0:1723           0.0.0.0:0              LISTENING       4
   TCP    192.168.1.3:1723       10.10.1.1:50280        TIME_WAIT       0
   TCP    192.168.1.3:1723       94.173.190.42:50457    ESTABLISHED     4
   TCP    192.168.1.3:1723       95.136.26.169:25606    CLOSE_WAIT      4
   TCP    192.168.1.3:1723       95.136.26.169:25609    CLOSE_WAIT      4
   TCP    192.168.1.3:1723       95.136.26.169:25610    CLOSE_WAIT      4
   TCP    192.168.1.3:1723       192.168.1.24:57254     ESTABLISHED     4
   TCP    192.168.1.3:13135      192.168.1.3:1723       ESTABLISHED     2888
   TCP    192.168.1.3:16684      192.168.1.3:1723       ESTABLISHED     2888
   UDP    192.168.1.3:17238      *:*                                    2888
 

 So what the problem might be? I can't understand....maybe problem with Windows Server or TMG?
Avatar of Suliman Abu Kharroub
Suliman Abu Kharroub
Flag of Jordan image

Why you dont use SSTP instead of PPTP ? it uses port 443 which is opened everywhere.
Avatar of telmoj
telmoj

ASKER

@Sulimanw: Because it is a requirement to use PPTP.
Avatar of telmoj

ASKER

I installed a new W2k8 R2 with TMG, on a diferente hardware and still the same problem.
Can someone help me?
ASKER CERTIFIED SOLUTION
Avatar of telmoj
telmoj

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of telmoj

ASKER

It was the only solution.