Topic: VPN problems maybe AES and TPK-IP issues

[henry44]

I had a working VPN connection from my office at the university to my home network (win xp pro vpn client) until I got back from the holiday break. Now my connection attempt hangs at the username and password verification point, times out and re-tries. It might connect on the 5th try, the first try, or not at all.

The network admins tell me that the only thing they changed was to move from TPK-IP to AES. This must have had a hand in screwing things up.

I have looked in the logs and can't see anything out of place, but I am probably not looking in the right place.

Any ideas?????????????

[Stefano]

hi

just a question: where's SME involved in this?

since openvpn is not part of the core, you should post this request in another forum (contribs one)

Ciao
Stefano

[henry44]

I am using SME 7.4 as a webserver at my home network. I was hoping that there was some aspect of the base install that dealt with this issue.

I have not installed openvpn.

[CharlieBrady]

I was hoping that there was some aspect of the base install that dealt with this issue.

Your SME server is acting as nothing more than a NAT router. You haven't told us what exactly VPN software you are using, so we can't tell what transport protocol is in use. SME server cares just as much about TPK-IP vs AES as it does what colours are in use in the image files you browse - i.e. not at all.

[chris burnat]

Moving to Contribs section where it is more appropriate.

[henry44]

All I wanted to know is what effect SME had on VPN. My answer is nothing.

Thanks.

[CharlieBrady]

All I wanted to know is what effect SME had on VPN.

Depends on what VPN. There are different VPN technologies. We don't know what you are using, and you seem reluctant to say.

My answer is nothing.

No, it as least does NAT, which will affect some VPNs. But no different to any other NAT router.

[CharlieBrady]

Moving to Contribs section where it is more appropriate.

I don't think so - I don't see any mention of contribs or modification of the SME server software.

[CharlieBrady]

I had a working VPN connection from my office at the university to my home network (win xp pro vpn client) until I got back from the holiday break.

Sorry, I missed the fact that you are trying to connect from outside to your SME server. That *is* an SME server software function.

The network admins tell me that the only thing they changed was to move from TPK-IP to AES. This must have had a hand in screwing things up.

So they have changed that in your VPN client software configuration? SME server's VPN server software doesn't support TPK-IP or AES, so I don't know what they changed, but it does sound like you might be using a VPN client (or VPN client configuration) which is not compatible with SME server.

[Tib]

Now I don't know how stable the built in VPN is in SME7.4 ... but in SME6.0 it was very unstable and since then I haven't used the built in VPN.

I installed Openvpn and haven't looked back since.

I used to have to re-boot the server to get the built VPN back on line ... I didn't know the command to restart VPN without re-booting.

Try re-starting VPN ... if you know how ... or re-boot the server and see if that helps kick it in the guts again ... just in case that problem still exists.

Regards,

Tib.

[quack]

henry44,

When the network admins told you they changed from TPK-IP to AES, I am guessing they were referring to a change in the the WiFi (wireless) encryption protocol. Ask them. Also ask them if they changed the access point(s), their locations, or their antennas.

Your statement that it sometimes work (please confirm it sometimes works) says your problem has nothing to do with whether or not the builtin SME VPN server supports TPK-IP or AES.

Although the TPK-IP AES change should have nothing to do with the the VPN connection, in practice VPN connections are affected by unreliable transmission caused by a noisy or weak WiFi signal, and the change may have affected WiFi signal quality.

Are you using a WiFi connection from the computer with the VPN client to your office network?  If so, make sure your WiFi configuration is set to AES (some WiFi access points will accept both AES or TPK-IP even though they are configured to work with one or the other). Next, can you try a wired Ethernet connection as see if the VPN works more reliably?

If you are already using wired Ethernet, try a different cable from your computer to the wall jack, and then try a different jack.