Server 2008 R2 Routing and Remote Access PPTP VPN issues


Some of my users are having problems connecting via routing and remote access PPTP VPN, I myself never experience this issue however many users appear to be disconnecting and having to redial the VPN almost 10 times before it remains connected so they could carry on their work. Nothing obvious in event logs, any ideas what could be causing this?

Nolan GustavoAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nolan GustavoAuthor Commented:
Found warning in event log:
Failed to apply IP Security on port VPN2-113 because of error: A certificate could not be found.  Connections that use the L2TP protocol over IPSec require the installation of a machine certificate, also known as a computer certificate..  No calls will be accepted to this port.
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Check if that happens more often while more than one connection is used. It sounds like an issue with GRE session IDs and NAT - in particular if there is a firewall/router in front of the server. It's always best to have the VPN device directly connected to the WAN/Internet.
Nolan GustavoAuthor Commented:
Thanks I have enabled logging and now waiting for the connections to start dropping.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Nolan GustavoAuthor Commented:
Qlemo, please can you clarify on the GRE session IDs and NAT comment? this doesnt seem to affect all users, I for example cannot replicate this fault however 2 users on site regulary appear to be affected by this.
I have reviewed the logs, I might be missing something but I cannot see anything obvious at this point.

Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
GRE is troublesome if NAT is in the way, because it is an own protocol without ports. NATting firewalls need special logic to be able to map GRE connections to multiple servers and/or clients. Usually there is no issue if only one client connects to exactly one internal server, but other than that - sporadic failures.
If it is that way, you can't do anything but to see if there is a new router/firewall firmware available. Or switch to a different VPN type.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Nolan GustavoAuthor Commented:
Switched to different VPN type in the end (-:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Remote Access

From novice to tech pro — start learning today.