Qwest and Windows 7 VPN
We have a new computer running 64-bit Windows 7. The other computers on our network can run various VPN sw fine, but this new one cannot connect via the VPN. It has no trouble with Internet connections in general.
It is plugged in directly to Qwest Q1000 (ActionTec) modem. We have to use PPTP as the protocol for this.
When the computer was in Chicago, it had no trouble accessing the VPN, but here in Santa Fe, no luck.
Any ideas?
It is plugged in directly to Qwest Q1000 (ActionTec) modem. We have to use PPTP as the protocol for this.
When the computer was in Chicago, it had no trouble accessing the VPN, but here in Santa Fe, no luck.
Any ideas?
0
Comments
I have logged in to the modem, and as far as I can see, nothing is blocked. The IT people at the other end of the VPN say,
The PPTP protocol needs to be able to establish a control channel
connection and a separate tunnel for the data. The control channel is a
TCP connection to port 1723 on the VPN server. Data is exchanged in a
GRE tunnel between the client and the VPN server.
I don't see any mention of GRE in the modem information.
Go into start>run>services.msc and look to the bottom for Windows Firewall and make sure it's stopped then right click on it go into properties and change the startup type to disabled.
Alternatively you could create port rules in the windows firewall software, but if you are inside a domain and behind a router already they are more trouble then they are worth.
Thanks. We are using the VPN in Windows 7, because the Cisco VPN SW does not work with 64-bit Windows 7.
The Windows 7 firewall is turned off. McAfee is running, but since this VPN works fine when connected outside the Qwest service area and, of course, not using the Q1000 modem, the firewall can't be the problem.
We tried turning off NAT, but that did not help. The modem has the possibility of port forwarding for GRE (as well as other protocols), but currently nothing is set.
Qwest insists that they don't diagnose VPN problems but made a few suggestions such as turning off NAT, but none of that helped.
According to the IT folks at the other end, the data is exchanged in the GRE tunnel while the other channel is for control.
Fortunately there is an alternative... As I was in the exact same boat as you.
A company called Shrew Soft makes a FREE 3rd party VPN software that works on all versions of windows 32/64bit and it talks to the old cisco clients you can even import the cisco .pcf key files into it. I've been migrating all our new machines to it and it works very well. The only downside is that it doesn't create a drive protocol pluggin the same way the Cisco software does (though they are working on it) so if you connect through 3g usb cards it won't work.
http://www.shrew.net/
Happy VPN'ing.
Actually, this connection worked fine when not in the Qwest service area and not using the Qwest modem, but Qwest is unable/unwilling to help with VPN issues. The VPN Server in this case is a different site intended to work with the Windows 7 PPTP setup.
But, and a big thank you, installing the Shrew VPN software and using the pcf file from the NU VPN site worked perfectly to connect to the old Cisco-compatible server.
We may never know what's wrong with the Qwest site, but we can get back to work now.
Regardless of the fact, glad the shrewsoft software is working.
This is kind of an old thread, but I thought I'd reply anyway. I had the same issue with the Windows VPN client (XP and 7) and you just have to enable application / port forwarding for the PPTP VPN port on the modem.
Open your browser and navigate to the modem configuration pages (http://192.168.0.1 if you're using the default IP), go to Advanced Setup --> Applications --> pick your local originating computer (in this case your Windows 7 computer, or put in the IP address for it manually) --> then select VPN in Application Category and PPTP VPN in the Applications dropdown. If you click view rule you'll notice that this will enable port forwarding for TCP port 1723 (PPTP VPN PORT) and the GRE protocol (which is required for PPTP VPN connections). Then click Add, it'll pop the rule down into the list below.
When I first set this up - it didn't work - and I found out from from ActionTec support (which I had to go through Qwest to get to) that the original firmware on the modem was not supporting application forwarding for PPTP protocol VPN connections correctly. They didn't detail exactly what the problem was, just pushed a firmware update to the modem that evening.
After the update - it worked fine.
Only drawback is, if you're using DHCP and you don't have it to set specific leases, you'll need to reset the rule if your IP changes.
Thanks for the tip. The Shrewsoft sw is working fine, but we'll try fiddling with this setting when we have a chance.
I am having this same issue, which version of the firmware is your q1000 reporting? I am currently using QAQ01 – 31.00L.34
Thanks for the help