Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1250
  • Last Modified:

Microsoft SBS 2008 PPTP VPN problem

Hey Experts,

We are experience problems with our Microsoft SBS 2008 server, suddenly clients cannot connect through PPTP VPN, and we have tried anything, but nothing seems to be working (but it worked a month ago).

The error says:
Error 628: The Connection was terminated by the remote computer before it could be completed…

I found some additional information from activating logging from the client it receives the following error:
There could not be established connection on port VPN3-1. This is because the selected authentication protocol. Check if the operating system on the client and server support the selected authentication protocol(The message is translated from Danish).

I find it to hard track any error regarding this following problem from the EventViewer…
The VPN Is configured through the Windows SBS console. I have tried to reinstall the VPN connection, and restart have been performed. Windows firewall is off and i have tried to disable anitvirus..
0
perspektiva
Asked:
perspektiva
1 Solution
 
BlueComputeCommented:
What's the OS of the client computers that are connecting? I've seen this on Windows 8 clients but not on Windows XP/Vista/7. Is the problem the same for all users, and are have you changed any network hardware at the server end recently?
0
 
perspektivaAuthor Commented:
Hello there,
The problem occurs on Windows 7 clients, we have tried multiple computers from different locations. Nothing network related has been changed.

I got my college to test from a Windows XP client and he received following error: Error 732 Your computer and the remote computer could not agree on PPP control protocols.

I’m not receiving any error when I’m trying to telnet on port 1723 to the given VPN address, so I guess I’m able to connect.
0
 
BlueComputeCommented:
Yes the fact that it's getting as far as protocol negotiation tells us there's end-to-end connectivity on the relevant ports.
I'd enable logging on the server (as described here via the routing and remote access administrative tool) and go through those; at the same time I'd check the "Authentication Methods" under the security tab on the same page; compare the enabled protocols there with those that are available on your client computers.
0
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

 
BlueComputeCommented:
Also, as it's SBS, I'd suggest running all 5 of the "Connect to the internet" wizards on the Home Page of the Windows SBS Console; it certainly won't hurt.
0
 
perspektivaAuthor Commented:
I have tried enabling some logging but I can’t find any useful information..

I will upload the log file and Screenshot of our Network policy constraint to this case, maybe you can see what’s happening.

The network test "Connect to the internet" is completet, but im getting the same error...
Virtual-Private-Network--VPN--Ac.PNG
PPP.txt
0
 
Rob WilliamsCommented:
Your NPS policy is not a default configuration for SBS.  Someone has manually 'tweaked' it so there may be incorrect settings elsewhere.  CHAP and PAP should not be selected, though they will not stop the VPN from working.

Make sure the protocol is selected in RRAS under server name | properties | security | authentication | and only MS-Chap v2 is selected.  No protocols are specified in the NPS policy.

If correct I would disable the VPN by opening the RRAS console, right click on the server name and choose disable.  Then run the VPN wizard under SBS console | Network | Connectivity.

I don't know if that will recreate the VPN policy.  If not I would suggest comparing the configuration in the following SBS 2011 Essentials article, which is the same as your SBS 2008.  2011 Essentials did not have a wizard so you had to do it manually and this article was written to match the SBS 2008/2011 method of configuring.
http://blog.lan-tech.ca/2012/01/28/sbs-2011-essentials-configuring-vpn-access/
0
 
Olaf De CeusterCommented:
Try running the SBS BPA for guidance?
http://www.microsoft.com/en-us/download/details.aspx?id=6231
Hope that helps
Olaf
0
 
perspektivaAuthor Commented:
We found that the problem was not windows related. It is a bug in VMware ESXi 5.5.

Changing the nic from e1000 to VMXNET3 solved our problem.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2061834
1
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now