Topic: VPN Client access

[Brian Anderson]

I have a 4 workstation lan in my house with E-Smith Server 5.1.2 as my gateway to the internet using a 56k Modem.  No High speed access in my area yet but hope to have it by the end of the year.  

 I am unable to make a VPN connect from Windows 95 or Windows 2000  workstation connection to the server to an outside address.   When I do a status on the VPN ICON in windows if shows that is sends bites out but nothing coming back.  I also get error "Banner Sock: The attempt to connect timed out without establishing a connection" when it first tries to connect to the destination.

This was a fresh install of E-Smith Server 5.1.2.

Has anybody been able to get VPN access to work from a workstation sitting behind an E-Smith-Server and connect to an outside destination.

If somebody got this to work, could you tell me if you had to do anything special to the E-Smith Server.

Any help would be appreciated

[Rick]

I've done this several times using this guide and it works fine

http://www.myezserver.com/docs/mitel/freeswan-howto.html

[ryan]

I have used PPTP VPN from Windows 2k on several machines.  You must have the cypher strength (internet explorer help window) at 128.  Use high encryption pack for win2k if not at 128bit.  Every win2k machine I have vpn'd with was at service pack 2.

Windows95, that is a headache, but I got it to work.  You need the 128bit DUN 1.4 update that microsoft has removed from their site.  Email me direct if you want this file.  Note that this only works with 95.  98 and 98se have their own 128bit DUN 1.4 installs, which I have those as well.  Making IE 128bit cypher in Win95/98/98SE does not make the default DUN PPP connect at 128bit.  I don't know if these can be uninstalled, so you should research this before putting on an important system.

[ryan]

I forgot......with 5.1.2, you can not make multiple VPN connections from your LAN to the same external server.  With 5.0 and 4.1.2, I was able to do this.  I looked at the log, and it shows packet buffer errors or something like that.  My problem could be solved by using IPSEC Server VPN, but it was faster to just use PPTP from both machines.  Now I only use a single VPN to a given server at a time.

[Brian Anderson]

My Windows 2k machine has service pack 2 on it plus pre SP3 patches.  I checked IE and it is at 128bit encryption.

The windows 95 pc is my wifes and she has to connect to here work through VPN.  I tested her pc with a modem and the VPN connection works fine.

Is there some setting on the server that would have to be changed.

I am going to need to be able to VPN to my work in the near future, as well as my wife connection to her work but not at the same time so I need to get this work in the next month or so.

[ryan]

If you and your wife are connecting to different VPN servers, both of you should be able to VPN at the same time (not 100% sure on this).  I have a 5.1.2 at home and was able to connect 2 computer to 2 different SME servers at the same time.  At work, I have 3 SME 5.0 servers running and have connected 5 users to the same SME external server at the same time.  

Does your work have SME in use as a server/gateway?  Maybe there is another firewall or proxy server "upstream" to the SME?  Can anyone else VPN to it from home?  Are you running personal firewall software on your win2k box?

I would try setting up your win2k box on the internet without any firewall software or hardware and attempt to VPN.  If it works, then you likely have a problem with your SME server.  I have never had a problem with VPN and E-smith or SME server with a standard server/gateway install.  You do have an active user account on the SME server right?

Keep trying.