cancel
Showing results for 
Search instead for 
Did you mean: 

VPN drops completely - why ?

keyshome
Dabbler
Posts: 10
Registered: 31-07-2007

VPN drops completely - why ?

I wonder if anyone might be able to help me with my first attempt to get a VPN working... and the problems I'm experiencing.

I use F9 at the office (business account) and Plusnet at home (BB+ account). I've installed a Draytek Vigor 2600VGi for VPN use at the office. At home, I'm using the Draytek software for connecting to the office via a VPN tunnel (my home router is a Netgear DG834).

I get connected without any problem. I can 'ping' the network devices (PCs etc) on the office network without any problem... for ages if required. However, once I start to use something that 'passes a fair bit of data' (e.g. collect pop3 email from the office server, or use RDP for remote control of my office PC) THEN the VPN connection 'stops' after a couple of minutes. I can still ping the internet facing IP address on the router at the office but ALL my office network devices on address range (172.x.x.x) stop responding when I ping them from home including the draytek router itself.

To get it working again, I have to disconnect the Vigor (VPN) connection and re-connect it again. But...a couple of minutes later the connection fails again.
The vigor firmware is fairly up to date so it seems unlikely to be firmware issue and the netgear is also up-to-date.

Can anyone suggest what might be causing this problem ?
Does anyone use a VPN that's working fine via F9/Plusnet currently ?
I'd be very grateful for any comments at all.
Many Thanks
Andy Keys
(I.T. Manager ... but not a very good one!)
8 REPLIES
Robtheplod
Grafter
Posts: 320
Registered: 17-08-2007

VPN drops completely - why ?

we have had a similar experience last year - are you using IPSec on the Vigor? - we found it fell over frequently using this and ended up using PPTP and the standard Windows XP VPN client - much more stable. maybe this will help?
prichardson
Grafter
Posts: 1,503
Registered: 05-04-2007

VPN drops completely - why ?

Hi,

I would ask on the Vigor support forums, as some others may be able to help there.

When PlusTalk was first launched, I had problems with a Vigor 2600V. Upgrading the firmware helped. Unfortunatly, each time they fix something in the firmware, they break something else.

The router itself works solid (apart from it rebooting once every 4 hours for the first 2 days of ownership), but I have found the features in it to be pretty unforgiving. Add the lack of IGMP and I don't know how high I would put Vigor on my shopping list (though, it's far from being bottom).

Kind Regards,
keyshome
Dabbler
Posts: 10
Registered: 31-07-2007

PPTP seems to work... up to a point

Many thanks for your comments robert90 & prichardson1.

I have now tried connecting to the Vigor using PPTP instead of L2TP/Ipsec.... results so far seem to indicate;
a) PPTP connect seems 'stable' and does not lose connection in the way that L2TP/Ipsec connection did.
b) The connection seems significantly quicker.

Only problem I've got now is that my wireless laptop doesn't seem to connect via PPTP (whereas my home PC connects via PPTP OK). Ah well, no doubt I'll stumble across the reason for this eventually.... :-)

Meanwhile, I guess I should read up on the 'security implications' of using PPTP as I seem to recall that it's 'weaker than ipsec'.

I guess I could use the 'VPN passthru' feature on the Vigor and setup a VPN server facility on one of our servers... Windows 2000 or 2003. Not sure whether this would be 'better' or not... I was hoping that the Vigor VPN facility would be easier to setup and support.
Regards
Andy Keys
keyshome
Dabbler
Posts: 10
Registered: 31-07-2007

PPTP problem resolved

My problem with the wireless laptop being unable to connect using PPTP to the vigor was resolved by adding a registry key in windows.

The resolution was outlined on the microsoft website as "PPTP clients cannot connect to a PPTP server that has multiple IP addresses (Article ID : 271731 )"

Regards
Andy Keys
Robtheplod
Grafter
Posts: 320
Registered: 17-08-2007

VPN drops completely - why ?

pleased it seems more stable!
it is much quicker as as less encryption etc than IPSec. Not as secure, but still pretty good. One other point is RDP - if you're using this, it quicker to not use a VPN as RDP is already encryped and you'll find it much quicker to use port forwarding of 3389 to your servers..
keyshome
Dabbler
Posts: 10
Registered: 31-07-2007

RDP and VPNs

Quote
RDP is already encryped and you'll find it much quicker to use port forwarding of 3389 to your servers..


I didn't realise that RDP traffic is already encrypted, I will have to read up on that. Most of my end users would simply need the RDP traffic to go to our terminal server... so port forwarding from the router should be OK for them. However, I sometimes like to gain access to my Windows XP desktop PC on the LAN... so I don't know if I'd be able to still do that if I set port forwarding on the router ?

Andy Keys.
N/A

VPN drops completely - why ?

it is encypted but it can be sucseptable to man in the middle attacks..and yes PPTP is a lot weeker than IPSec -- personaly if I had to use PPTP due to hardware issues, i would create an SSH tunnel within it to pass the traffic down, thus making it more secure.

Also, try doing VNC over SSH, instead of RDP
Robtheplod
Grafter
Posts: 320
Registered: 17-08-2007

VPN drops completely - why ?

keyshome. RDP is generally regarded as being secure enough not to go over VPN (though nothing is 100%!!). If you need access to you own PC, try VNC (within a VPN!!) as previous poster said, another program such as remote administrator (from radmin.com) - forward port 4899. I'm also sure you can use another port for RDP to you own PC but not tried it..!!