Using PPTP Client Remotely

  • Thread starter Thread starter Karen
  • Start date Start date
K

Karen

Our corporation provides software support to hundreds of
clients. In order to adequately support the clients we
require access to their servers from a variety of
locations across the US. For our remote employees, we are
currently testing the use of the PPTP client. The remotes
(like myself)utilize some type of fast access to the
internet (DSL, cable modems, etc.) to a CISCO VPN
connection and then a final VPN connection using PPTP
client. We are able to successfully make the connection
to all of the servers (HP3000s, NT servers, Citrix
servers,etc.). But, once we open the applications we are
trying to support, we lock up. It's possible that the
PPTP client is not robust enough to utilize as a
solution. Based on the steps outlined on the MS tech
support site, all settings appear to be correct. Any
ideas? Thanks.
 
Hello Karen,

There could be alot of reasons you are seeing this kind of behavior.
What kind of applications are we talking about?
Have you taken a trace from the client as well as the destination server
(assuming of course the app. tries to contact a server) and can you see
traffic hitting the server?
When this happens, do you see a CPU spike, pagfile spike etc... on the
client and/or server?

You had stated that the client side may not be robust enough, what kind of
client are we talking about? NT? 2000? XP?




Shane Brasher
MCSE (2003,2000,NT),MCSA Security, Network+, A+
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.
 
-----Original Message-----
Hello Karen,

There could be alot of reasons you are seeing this kind of behavior.
What kind of applications are we talking about?
Have you taken a trace from the client as well as the destination server
(assuming of course the app. tries to contact a server) and can you see
traffic hitting the server?
When this happens, do you see a CPU spike, pagfile spike etc... on the
client and/or server?

You had stated that the client side may not be robust enough, what kind of
client are we talking about? NT? 2000? XP?




Shane Brasher
MCSE (2003,2000,NT),MCSA Security, Network+, A+
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.







.
Hi Shane
Click to expand...
We (all remote employees in different states) have been
doing some testing with out IT Dept over the last 24
hours. We have confirmed that the issue appears to be
directly related to the fact that we all have DSL modems
or some type of DSL connection. There are 10 of us. We
are all running Windows 2000 on our desktops. We make our
DSL connections and then subsequently a CISCO VPN
connection. From there, we make a private VPN connection
using Microsoft's PPTP client.

We have all shared our DSL access methods and
configurations with our Network Engineer and he is working
on the issue. We have confirmed trace routes and our
throughput appears to be good--no evident timeout issues.

I will be checking on your additional questions on what is
being seen at the server end.

Karen
 
Hello Karen,

I do have a few more questions if you don't mind.

1.) What version of the CISCO client are we talking about?
2.) Bypassing the CISCO VPN connection, can you successfully create a PPTP
session or do you need to run the CISCO client?
3.) Once you are connected, what app are you opening? Is it an app that has
to resolve to a server resource that is within the lan? If so, can you ping
that server before you open that app. and if so what is the MTU size that
you can ping it with? Example: ping <server name> -l 1400 -f
The switches used are:
-l size Send buffer size.
-f Set Don't Fragment flag in packet.
I am just curious to see if everyone gets the same MTU size or if it varies.

4.) What service pack level are the W2K clients?



Shane Brasher
MCSE (2003,2000,NT),MCSA Security, Network+, A+
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Hi Shane

See my answers to your questions below.

Our IT Dept is leaning towards bandwidth as the culprit.
Specifically, DSL vs Cable modem users. But, I just
cannot believe that's the case.

Karen

-----Original Message-----
Hello Karen,

I do have a few more questions if you don't mind.

1.) What version of the CISCO client are we talking
Click to expand...
about?

Cisco VPN Client 4.01
2.) Bypassing the CISCO VPN connection, can you successfully create a PPTP
session or do you need to run the CISCO client?
Click to expand...

No, we must make the Cisco NY VPN connection before we
make the PPTP tunnel connection.
3.) Once you are connected, what app are you opening? Is
Click to expand...
it an app that has to resolve to a server resource that is
within the lan? If so, can you ping that server before you
open that app. and if so what is the MTU size that
you can ping it with? Example: ping <server name> -l
Click to expand...
1400 -f
The switches used are:
-l size Send buffer size.
-f Set Don't Fragment flag in packet.
I am just curious to see if everyone gets the same MTU
Click to expand...
size or if it varies.

Once we connect to the server (HP3000) or NT server or
Oracle server--it varies. We then open the applications
running on those boxes which are all related to
advertising agencies.

C:\>ping 172.22.184.13 -l 1400 -f

Pinging 172.22.184.13 with 1400 bytes of data:

Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.

Ping statistics for 172.22.184.13:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>
4.) What service pack level are the W2K clients?
Click to expand...

Win 2K Version 5.0.2195, Service Pack 4.0
 
Hello,

When you say the computer freezes, does the app freeze or the OS itself?
Has anyone taken a client side trace vs. a server side trace to see if the
traffic is making it to the server? It would be interesting to see what is
taking place accross the wire.
Your IT department should be able to help you with the analysis.

Shane Brasher
MCSE (2003,2000,NT),MCSA Security, Network+, A+
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top