Jump to content

DW 7000 blocking VPN completely (not just slow)


fuzzyjello

Recommended Posts

Hello all,

I've been searching through your forums and have learned a great deal about DirecWay (now Hughes).

However I have one problem that I've yet to find a solution for.  I'm lucky enough to live in a big city myself and work in an office with a nice fast T1 connection.  But one of our employees had no choice but Direcway on his property in rural Alabama.

He's already been screwed over by the fact that his web email (which runs over SSL) is dirt slow because of the fact that the accelerator doesn't work on encrypted connections.

Now were running into a problem with the VPN.  When he attempts to connect it hangs and then fails.

On the server I got the following message:

A connection between the VPN server and the VPN client 72.169.51.157 has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets.

He doesn't have a router installed separately from the VPN and he's connected to the VPN without issue over dial up to this point so it's not something on his machine.

Anyone know if it's the DW7000 blocking the packets or Directway somewhere along the way?

Anyone ever had this problem or maybe a solution or suggestion?

Thanks All!

Brandon

Toronto Canada.

Link to comment
Share on other sites

Welcome to the forum Fuzzy

Most likely he will need a "static IP" from Dway for most VPNs to work.  This opens up all ports.  If he is on a standard Dway connection, the DW7000 modem disrupts the connection.  Also, if he already has the Static IP, he must configure it on the client.  The DW7000 modem will hand out private addresses unless you set it up manually on the client.

What type of VPN is this? (IPSec, SSH, SSL)?

Hope this helps...

Link to comment
Share on other sites

Thanks for the info.

The type of VPN is simply PPTP using the built in windows client on XP Pro connecting to a server running Windows SBS 2003.

As far as the static IP goes most ISP's don't give out static IP's permanently unless you pay for the business level service as you do with Direcway.  I have DSL at home and my IP on the router changes every 24 hours or so and this has never caused an issue with the VPN though.  Does the IP address on Direcway change more frequently (every couple minutes?) than a standard DSL or Cable connection?

If the professional version of Direcway also opens all the ports then isn't that the more likely reason that switching to Professional allows people's VPN connections to begin working?

Thanks for all the help!

Link to comment
Share on other sites

The professional version of Dway on a DW7000 modem does NOT open up any ports.  All it does is give higher speeds.  For PPTP to work with dway you MUST have static IP.  It does cost 30 bucks a month more. 

Dway isn't as simple as DSL, if it were, you wouldn't have as many problems.

The DW7000 modem is self-hosted, meaning that acts as a limited router.  It hands out private IPs to clients, and does not forward any ports with consumer, or professional (dynamic) service plans.

I would consider using either SSH, or Hamachi.

Bitvise makes an easy to use zero config SSH server for windows that you can try, and a free client called tunnelier that is a piece of cake to use.  It has one touch buttons for secure-telnet, RDP, and S-FTP.  It's just great!  I would recommend this because SSH works very well on Direcway. 

PPTP does not work well at all even with the static IP.  I used to try to use it, and I couldn't map drives or anything without it timing out.

Try the Bitvise SSH server, and you won't be dissapointed.  Plus you won't need the static IP.

Link to comment
Share on other sites

  • 8 months later...

Brandon, I run dw4000 and use Cisco software vpn client on my laptop and have no problems as long as the MTU is set at 1300. I'd really like to know if you get this resolved because I'm considering upgrading from the 4000 to the 7000 and need my sw vpn to continue working.

Can you have your client/customer set the MTU to 1300 and then 1200 and see if that works and let us know.

It's not uncommon to have to drop the MTU for vpn to work, I've been around this block with vpn a lot. When I was running 1500 MTU on the client, I could connect to the VPN concentrator but Outlook and other things didn't work.

Also make sure that windows firewall, Advanced tab, that the clients enet nic isn't selected, that is of course if they are running another firewall and I assume so since this is a corporate connection.

So let us know what happens please.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...