Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

PPTP base VPN as provided by microsoft server 2008 R2

Posted on 2013-01-16
2
Medium Priority
?
476 Views
Last Modified: 2013-01-23
I have a PPTP based server at main location.
I have a Cisco Router running IOS 15.X at this location too.

I have a Cisco/Linksys E1000 at remote location.
When I connect a single client to the VPN at remote site it connects and performs well.
When I add a second client the first client and the second client no longer can pass traffic to main sites network.

When at different location that do not have Cisco/Linksys E1000 Firewall I can pass multiple clients to the VPN without any problems or disconnects.

Any ideas on how to correct?
0
Comment
Question by:johnanau
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 1500 total points
ID: 38786365
First off, the E1000 is not a firewall. It is a basic consumer NAT router. They claim "firewall" because it does do packet-state but that is a far cry from a real firewall business device.

Most consumer routers won't handle more than one PPTP tunnel at a time. It is a limitation of the router, as they are designed for home use, not remote site locations. They simply don't have the networking stack to handle NATing more than one connection and they fall over. This is normally not an issue because a PPTP VPN would be set up in such a way that a user could connect to the network from home or a hotel room. There would not be multiple connections trying to run over the same router.

In a remote office scenario, however, an endpoint VPN tunnel is inefficient. Running multiple VPNs puts a lot of extra strain on the network and a lot of unnecessary encryption and negotiation happens. In such a scenario, you should be looking at a single site-to-site VPN. Then all endpoints at the remote branch will use the same VPN tunnel, so there is only one set of encryption/decryption points. Far more efficient on bandwidth and CPU load.

Maybe your Cisco router supports site-to-site. Maybe not. I know the E1000 does not though so you are looking at replacing or adding *at least* one device. If you really like your Cisco router, you may not need to replace it, just put a VPN device behind it (on one or both ends.) Look at site-to-site VPN appliances and add them to your networks as necessary and that'll solve your issue. But there is no way to get the PPTP VPN working the way you want with the topology and equipment you described.
0
 

Author Closing Comment

by:johnanau
ID: 38812885
Remains to be seen if load is too great.  Ive resolved the issue, but thank you for your response.
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question