PPTP VPN Problems

chrisWhitechrisWhite Littleton, CO
edited February 2009 in Hardware
Hey, any of you guys know much about PPTP VPNs? I'm trying to get connected to two of them (Pixel Corps & fxphd) and I'm having a heck of a time doing it at home, if I take my laptop out somewhere else it connect up just fine so I think it's something with my ISP or my DSL modem. I'll throw up the details if any of you guys know much about it.

Thanks!

Comments

  • chrisWhitechrisWhite Littleton, CO
    edited February 2009
    By the way, posted in hardware because I suspect it's the DSL modem, but if there's a more appropriate section let me know.
  • kryystkryyst Ontario, Canada
    edited February 2009
    Are you connecting through a router first or straight through the modem? It's likely something as simple as having some ports locked that you need open. Now the other possibility is that it's using IPSEC over UDP and your ISP is doing something funky.
  • chrisWhitechrisWhite Littleton, CO
    edited February 2009
    Alright, so here's the details, it's long, I've been fighting it for a while so feel free to skim or ignore it entirely :)

    I'd like to connect to the VPN using two machines, one, cportable is my MacBook Pro running Leopard. The other machine, cworkstation is my Windows desktop. cportable connects to the network via wifi and ethernet, cworkstation just via ethernet.

    Here's my network topology:

    Qwest DSL Platinum (7Mbps down, 1Mbps up)
    Qwest/Actiontec M1000 Modem/router
    Dlink DGS-2208 Gigabit switch
    Apple Airport Extreme
    cportable & cworkstation

    I'm trying to connect to two VPNs, both use just the standard OS VPN integration (no Cisco clients). One is with the PixelCorps and they don't say what the ports they are using are. The other is fxphd and the ports they use are 1723, 1789, and 32771, TCP & UDP.

    Here are the error messages I get:

    Windows
    vpn_windows.jpg

    OS X - With Firewall
    vpn_osx_firewallon.jpg

    OS X - Without Firewall
    vpn_osx_firewalloff.jpg

    I've also unplugged the routers and plugged my laptop into the Qwest modem directly and nothing changes so I think the problem is either with my ISP or in the DSL modem.

    As I mentioned above I have no problem connecting to fxphd from my school network, though I did just discover that the problem persists on the pxc one, it's not the important one so I hadn't tried it before now. Either way, the pxc one gives me the message I get without the firewall and it asks me to reinter my username and password as if it's wrong, I've checked my password and I can log into my pxc account but I'm wondering if something's jacked up on their end.

    Back to the fxphd one, I've made sure that the ports listed are being forwarded correctly to my laptop's IP with no luck.

    cworkstation isn't exactly portable so I didn't try plugging it directly to my modem but I did make sure the port forwarding and firewall rules worked, I had to forward the ports from the DSL modem to my Airport Extreme and then forward the ports to cworkstation. When I used http://www.canyouseeme.org/ to check the open ports I saw that those ports weren't responding and it timed out. I previously had a port open to speed up my BitTorrent application and it does work and canyouseeme has no problem checking that port. So I pointed my torrent client to one of the vpn ports mentioned and it works fine as well.

    I spoke with Qwest about the problems yesterday and this was their response:
    We do not block any ports. We do use a DNS redirect that can interfere with some types of VPN. I can remove it and see if it works for you. Other then that we do not support VPN so you would be on your own to try and resolve the issue.

    I went ahead and had her do that but it doesn't seem to have fixed the problem (even after router reboots and flushing the DNS).

    I thought maybe it could be due to me using OpenDNS instead of the Qwest provided ones but I had the same issue when I changed that back to Qwest's DNS servers.

    I am so not a networking expert, at least Qwest doesn't block my torrents (yet).

    The support guy at fxphd said that he's seen a few ISP's block this stuff but that it didn't sound like Qwest was explicitly so I'm inclined to think it's a problem with the modem, either configuration or it just plain won't work. I'm going to go pack to factory default tomorrow morning when I'm home long enough to work on it. If I were to try a third part modem do you have any recommendations?

    Could you tell me about IPSEC over UDP?

    Thanks!
  • chrisWhitechrisWhite Littleton, CO
    edited February 2009
    In the process of troubleshooting some stuff yesterday I found out that my account credentials were broken on the PXC VPN on their end, I just heard back from their support that it was fixed and sure enough, on my laptop on my home network it fired right up without a problem, even without the ports being forwarded.

    So, my modem/ISP aren't killing all TTPT VPN traffic, of the two VPNs I connect to, it's only filtering out yours.

    Does this change any ideas on what's going on?
  • foolkillerfoolkiller Ontario
    edited February 2009
    Hi Chris,

    Have you tried to see if you can set the router into bridge mode and connect directly? I know the DD-WRT routers have a feature called PPTP passthrough, which lets PPTP work over the router, otherwise it doesn't work correctly. Generally this is due to routers blocking GRE, although usually you won't get any PPTP traffic through, there could be something on the other end of the VPN connection that's stopping traffic from reaching you, that's different from the VPN you can connect to.

    If you have any log files, they can help greatly as well, gives us an idea where the problem might be.
  • chrisWhitechrisWhite Littleton, CO
    edited February 2009
    Hey foolkiller, thanks for information!

    I'll give your suggestions a go when I have some time at home tomorrow morning, I really appreciate your help!
Sign In or Register to comment.