Solved

PPTP base VPN as provided by microsoft server 2008 R2

Posted on 2013-01-16
2
473 Views
Last Modified: 2013-01-23
I have a PPTP based server at main location.
I have a Cisco Router running IOS 15.X at this location too.

I have a Cisco/Linksys E1000 at remote location.
When I connect a single client to the VPN at remote site it connects and performs well.
When I add a second client the first client and the second client no longer can pass traffic to main sites network.

When at different location that do not have Cisco/Linksys E1000 Firewall I can pass multiple clients to the VPN without any problems or disconnects.

Any ideas on how to correct?
0
Comment
Question by:johnanau
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 38786365
First off, the E1000 is not a firewall. It is a basic consumer NAT router. They claim "firewall" because it does do packet-state but that is a far cry from a real firewall business device.

Most consumer routers won't handle more than one PPTP tunnel at a time. It is a limitation of the router, as they are designed for home use, not remote site locations. They simply don't have the networking stack to handle NATing more than one connection and they fall over. This is normally not an issue because a PPTP VPN would be set up in such a way that a user could connect to the network from home or a hotel room. There would not be multiple connections trying to run over the same router.

In a remote office scenario, however, an endpoint VPN tunnel is inefficient. Running multiple VPNs puts a lot of extra strain on the network and a lot of unnecessary encryption and negotiation happens. In such a scenario, you should be looking at a single site-to-site VPN. Then all endpoints at the remote branch will use the same VPN tunnel, so there is only one set of encryption/decryption points. Far more efficient on bandwidth and CPU load.

Maybe your Cisco router supports site-to-site. Maybe not. I know the E1000 does not though so you are looking at replacing or adding *at least* one device. If you really like your Cisco router, you may not need to replace it, just put a VPN device behind it (on one or both ends.) Look at site-to-site VPN appliances and add them to your networks as necessary and that'll solve your issue. But there is no way to get the PPTP VPN working the way you want with the topology and equipment you described.
0
 

Author Closing Comment

by:johnanau
ID: 38812885
Remains to be seen if load is too great.  Ive resolved the issue, but thank you for your response.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Moving on from sbs 2008... 36 136
Advice on router and switch 25 83
Samsung Tablet no Internet but does connect to WiFi 7 49
Utility to Scan for Unauthorized Access 4 33
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question