VPN Issues with W2K

Freedom

Hi all - thank you in advance for your help!

Questions:
1) Has anyone else seen this?
2) PLEASE HELP!!! How do we fix it?
3) Any ideas on how to set a "keepalive" from the server to automatically
ping VPN clients every X seconds?

Situation:
We have a W2K Server SP4 Domain Controller, with DHCP, DNS/AD, WINS, IIS,
Exchange running on it, which we also use as our PPTP VPN server. This
server is located behind a Linksys wired router, running simple NAT with
RIP1, which translates our External public static internet IP to Internal
Private 10.x.x.x/255.255.255.0. Linksys is NOT running DHCP or VPN
endpoint, just doing NAT and packet filtering. The W2K Server is doing all
of the work. W2K Server has a single NIC, with a static private 10.x.x.x IP
address. Everything is running flawlessly on the LAN side, and all VPN
client systems are W2K SP4.

Problem:
VPN clients can connect to the W2K VPN server using PPTP, and successfully
receive DHCP address leases from the W2K server. Everything works just fine
initially - can browse the network, communicate with Exchange, etc., but
this only works for a little while. The exact time is uncertain and seems
to vary, but somewhere after about 15-20 minutes, the VPN client computer
can no longer ping any of the LAN devices, including the server. This
applies to both IP and NetBIOS pings, even if the NetBIOS is hard coded into
the client machine's HOSTS file. The VPN connection is not dropped, and the
Transmit (TX) counter increases on the client side when pinging, but no
replies and no increase in the Receive (RX) counter. If I ping the client
from the Server, the ping immediately goes through, and then the client can
once again communicate with the network for a while, until the whole thing
starts over again. I have used both "ping -t 10.x.x.x" and "ping -t
ServerName" commands from the client to make it ping the server incessantly,
and when the ping is not responding, it will get "Request timed out." until
I try just 1 ping from the server, at which time the client immediately
starts getting good low latency ping replies. Same instant positive result
applies if I run "nbtstat -a ClientMachineName". Clearly, it has something
to do with the Server forgetting which machines are connected to it via VPN,
even though the VPN connections are obviously not dropped or broken.
Problem occurs for all VPN users, any time of day, regardless of heavy or low
network congestion. Total number of VPN users is less than 10.

Please reply to the newsgroup.

Thank you in advance!
-- Freedom
 