Solved

Microsoft SBS 2008 PPTP VPN problem

Posted on 2013-12-17
10
1,138 Views
Last Modified: 2014-10-25
Hey Experts,

We are experience problems with our Microsoft SBS 2008 server, suddenly clients cannot connect through PPTP VPN, and we have tried anything, but nothing seems to be working (but it worked a month ago).

The error says:
Error 628: The Connection was terminated by the remote computer before it could be completed…

I found some additional information from activating logging from the client it receives the following error:
There could not be established connection on port VPN3-1. This is because the selected authentication protocol. Check if the operating system on the client and server support the selected authentication protocol(The message is translated from Danish).

I find it to hard track any error regarding this following problem from the EventViewer…
The VPN Is configured through the Windows SBS console. I have tried to reinstall the VPN connection, and restart have been performed. Windows firewall is off and i have tried to disable anitvirus..
0
Comment
Question by:perspektiva
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39724103
What's the OS of the client computers that are connecting? I've seen this on Windows 8 clients but not on Windows XP/Vista/7. Is the problem the same for all users, and are have you changed any network hardware at the server end recently?
0
 

Author Comment

by:perspektiva
ID: 39726282
Hello there,
The problem occurs on Windows 7 clients, we have tried multiple computers from different locations. Nothing network related has been changed.

I got my college to test from a Windows XP client and he received following error: Error 732 Your computer and the remote computer could not agree on PPP control protocols.

I’m not receiving any error when I’m trying to telnet on port 1723 to the given VPN address, so I guess I’m able to connect.
0
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39726357
Yes the fact that it's getting as far as protocol negotiation tells us there's end-to-end connectivity on the relevant ports.
I'd enable logging on the server (as described here via the routing and remote access administrative tool) and go through those; at the same time I'd check the "Authentication Methods" under the security tab on the same page; compare the enabled protocols there with those that are available on your client computers.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 14

Expert Comment

by:BlueCompute
ID: 39726363
Also, as it's SBS, I'd suggest running all 5 of the "Connect to the internet" wizards on the Home Page of the Windows SBS Console; it certainly won't hurt.
0
 

Author Comment

by:perspektiva
ID: 39731507
I have tried enabling some logging but I can’t find any useful information..

I will upload the log file and Screenshot of our Network policy constraint to this case, maybe you can see what’s happening.

The network test "Connect to the internet" is completet, but im getting the same error...
Virtual-Private-Network--VPN--Ac.PNG
PPP.txt
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39772654
Your NPS policy is not a default configuration for SBS.  Someone has manually 'tweaked' it so there may be incorrect settings elsewhere.  CHAP and PAP should not be selected, though they will not stop the VPN from working.

Make sure the protocol is selected in RRAS under server name | properties | security | authentication | and only MS-Chap v2 is selected.  No protocols are specified in the NPS policy.

If correct I would disable the VPN by opening the RRAS console, right click on the server name and choose disable.  Then run the VPN wizard under SBS console | Network | Connectivity.

I don't know if that will recreate the VPN policy.  If not I would suggest comparing the configuration in the following SBS 2011 Essentials article, which is the same as your SBS 2008.  2011 Essentials did not have a wizard so you had to do it manually and this article was written to match the SBS 2008/2011 method of configuring.
http://blog.lan-tech.ca/2012/01/28/sbs-2011-essentials-configuring-vpn-access/
0
 
LVL 22

Expert Comment

by:Olaf De Ceuster
ID: 39772948
Try running the SBS BPA for guidance?
http://www.microsoft.com/en-us/download/details.aspx?id=6231
Hope that helps
Olaf
0
 

Accepted Solution

by:
perspektiva earned 0 total points
ID: 40370129
We found that the problem was not windows related. It is a bug in VMware ESXi 5.5.

Changing the nic from e1000 to VMXNET3 solved our problem.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2061834
1

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VPN Server Configuration in windows 7 7 76
roaming profiles windows server 2016 8 225
SBS2011 VPN users no longer connecting 4 80
Cisco AnyConnect VPN 4 48
Resolve DNS query failed errors for Exchange
An article on effective troubleshooting
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question