Windows 2003 VPN problmems.

[Ward Horsfall]

Hi,

I am having prolems with Windows 2003 Server and XP clients connecting via
PPTP. The clients actually connect however after about 10 minutes they
disconnect. The clients are using Windows XP SP2. So here are my questions:
These clients are behind a Netgear DG834 ADSL modem router with PPTP port
1723 forwarded from the internet to the server.

1. Is there some idle setting on the server or client that says
disconnect after so many minutes of activity.
2. Is there particular logging I can turn on to see why they are
disconnecting?
3. Are there any other ports I would need to forward on the ADSL
modem / router?

Any other suggestions appreciated.

Thanks,
Ward.

 

[Robert L [MS-MVP]]

this may help. quoted from http://www.ChicagoTech.net
Manage VPN connections

To manage VPN logon time, permissions, disconnect if idle for certain
minutes, maximum session other constraints, use Remote Access Policies under
RRAS.
--
For more and other information, go to http://www.ChicagoTech.net


Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
Networking Solutions, http://www.chicagotech.net/networksolutions.htm
VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm
VPN Process and Error Analysis, http://www.chicagotech.net/VPN process.htm
VPN Troubleshooting, http://www.chicagotech.net/vpn.htm
This posting is provided "AS IS" with no warranties.

 

[Bill Grant]

1. Yes. This is controlled by the remote access policy.
2. You can enable logging from the RRAS console or with a netsh command.
3. No. If you can connect, you have done all you need.

 

[Ward Horsfall]

Bill,

Thanks for your help - can you clarify if I go with the default what the
disconnect idle time is in other words I do not create a specific remote
access policy?

2. Can't these policy be created with Active Directory itself or is it just
from this console?

3. I found the logging you talked about is there any further details I can
get on error codes etc?

Thanks,

Ward

 

[Ward Horsfall]

Robert,

Thanks for your reply.

As I asked bill as well One or both of you probably know- is there a
default idle time if I do not create a specific RRAS policy?

Thanks,

Ward.

 

[Bill Grant]

If the server is a domain member, just set up the remote access policy
on the RRAS server. The server should automatically be a member of the AD
RAS and IAS Servers group. You set the timeout value for a client by
clicking the Edit Profile button on the Settings page of the Remote Access
Policy. (Right-click the policy in the RRAS console).

 

[Priya Raghavan [MSFT]]

There is no default idle time. You will be connected unless you manually
disconnect.