Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to establish outgoing pptp vpn connection


  • Please log in to reply
11 replies to this topic

#1 supawiz6991

supawiz6991

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 05 November 2013 - 07:13 PM

So im trying to establish an outgoing PPTP vpn connection (the vpn server is else where). When im behind my linksys E2000 the connection fails. if I connect directly to my cable modem im able to successfully establish a pptp vpn connection.

 

I have tried the following:

 

Put my computer in the dmz

Foward ports to my laptop (should be needed)

Enabled vpn passthough in the router

turned off firewall (both the computer and routers)

 

 

OS: Windows 7 Pro

 

I've tried everything and now im at a loss. Does anyone have any ideas?



BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:16 PM

Posted 05 November 2013 - 07:16 PM

Please download MiniToolBox, and save it to your desktop and run it, and checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 supawiz6991

supawiz6991
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 05 November 2013 - 07:54 PM

Resuilts of the requested operation are attached.

 

Attached Files


Edited by supawiz6991, 05 November 2013 - 07:55 PM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:16 PM

Posted 05 November 2013 - 08:02 PM

Can you connect directly to your modem and rerun minitoolbox.

#5 supawiz6991

supawiz6991
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 05 November 2013 - 08:28 PM

Here you are sir.

 

I also have wireshark captures (one while connected to the linksys and one while direct connected to the cable modem) if they are of any use to you. In each one I started the capture attempted the connection and waited it for failure then ended the capture.

 

 

Attached Files



#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:16 PM

Posted 05 November 2013 - 08:44 PM

When you are connecting via Wireless you are getting an IP address that is located in taiwan:

inetnum:        192.192.0.0 - 192.192.255.255
netname:        TANET-C
descr:          imported inetnum object for MOEC
country:        TW
admin-c:        TA61-AP
tech-c:         TA61-AP
status:         ALLOCATED PORTABLE
remarks:        ----------
remarks:        imported from ARIN object
remarks:        inetnum:     192.192.0.0 - 192.192.255.255
remarks:        netname:     TANET-C
remarks:        org-id:      MOEC
remarks:        status:      allocation
remarks:        rev-srv:     MOEVAX.EDU.TW
When you connect via your modem you are getting the following IP:

cryptodan@alphacentari:~$ nslookup 67.241.4.224
Server:		96.244.76.115
Address:	96.244.76.115#53

Non-authoritative answer:
224.4.241.67.in-addr.arpa	name = cpe-67-241-4-224.twcny.res.rr.com.
If you are using your router as the access point, then you should be getting a 192.168.0.0 looking IP address.

#7 supawiz6991

supawiz6991
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 05 November 2013 - 09:09 PM

I've changed the internal ip address in the router. A normal address for me to get internally is 192.192.6.x  . During my latest attempt to connect the vpn my internal ip address was 192.192.6.10

 

I changed my ip away from the 192.168 scheme.



#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:16 PM

Posted 05 November 2013 - 09:31 PM

You cannot do that per the rfc's please change the scheme back to 192.168 and try again.

#9 supawiz6991

supawiz6991
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 05 November 2013 - 09:48 PM

Im afraid I dont understand... what is rfc and why does the scheme of my internal netowrks ip address offend it? My external address is still the same regardless. Ive been able to connect to this VPN server from a network where the internal ip address scheme is 10.10.10.x and its worked fine.

 

It seems to me that your thinking that the 192.192.6.x address is my external address when in fact its for my internal LAN only. My external ip address is a assigned via DHCP by my ISP.



#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:16 PM

Posted 05 November 2013 - 10:31 PM

There are 4 sets of IP address ranges that are only allowed for private networks and they are as follows:

 

127.0.0.0/8

172.16-31.0.0 to 172.31.255.255

192.168.0.0/16

10.0.0.0/8

 

All of the above IP addresses are allowed for private networks.  All other IP's are publically routeable, the above are not.  You just cannot pick any IP address out of the clear blue sky and use it.  It just doesn't work that way.

 

Please see here: http://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xml



#11 supawiz6991

supawiz6991
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:16 AM

Posted 06 November 2013 - 08:54 AM

Very interesting. Seems my college education has failed me. My networking professior(s) (At two different colleges) never brought the above limitations up. Further, I was told "You can use any ip as its not seen outside the LAN". Now granted I did expect (as in the case of 192.192.6.x) that if I tried to connect to a server within that ip range thats Outside of my lan (in the WAN) that I wouldnt be able to get to it which is why I selected the one I did cause I have no interest in connection to a servers in tiwan.

 

Finding out things like this makes we wonder if these college courses are really worth it.....

 

Anywho, I'll give this a shot tonight..

 

Also I have another vnp server I connect to thats IPsec and it works fine.



#12 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:16 PM

Posted 06 November 2013 - 10:47 AM

Please reset your modem and go back to the 192.168.0.0/16 network or use the 10.0.0.0/8 scheme then I am quite confident that your vpn's will work all the time.

192.192.0.0/16 is well outside the private use network 192.168.0.0/16 which is 192.168.0.0 to 192.168.255.255.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users