'Fraid not. See this from the ASL Known Issues List:
ID598 o 4.008 Incoming PPTP connections may fail ------------------------------------------------ Description: Some incoming PPTP connections may fail due to a problem in one of the kernel-nat-modules Workaround: --- Fix: ---
Can you email me your VPN server address so that I might try to connect using a bogus user_id and password to see how far it gets? Have you tried disabling and then re-enabling Roadwarrior VPN? I'm really reaching here now.
emailed. I disabled and re-enabled. at home, win2k Pro sp4. same settings as your previous post, I can telnet to port 1723 on both my internal and external interface, but I can't create a connection. I still get "no answer".
Even tried restarting and I still get "no answer".
Have you tried it momentarily without a firewall on the Windows client side?? I found that a misconfigured PC firewall can mess up your PPTP quite good...
You might want to do a public service and configure a ZoneAlarm HowTo doc and submit it to Astaro; the configuration should be as 'tight' as possible. For firewall gods such as ourselves, it's not a big deal, but considering that Astaro will be getting so many ZoneAlarm/Norton Personal Firewall novices with this problem, it will save everybody a lot of headaches...
I can't seem to locate the executable for the pptp client. I found this: c:\winnt\system32\drivers\raspptp.sys
I tried to add this to list of programs that are allowed, but this didn't work.
I found a MS knowledge base article that says to basically turn off zoneAlarm if you want to use the pptp client. It says that this problem is fixed in ZA 2.76 and up, however I am using zonealarm 3.79, but I assure it the problem isn't resolved.
If someone knows the executable of the pptp client, that wouold be the proper way to fix it, but I can't seem to find it.
The solution that I came up with was to go into the firewall settings and to add a zone. Basically you add the IP Address of the PPTP end point (this would be your external interfaceif you want to the vpn in from the internet). Once this is done, you set this as a trusted network.
I attemped a connection at 10:34pm EDT using the username "jimmtest"
I got as far as "Authenticating username and passwod" at which point it failed. I got the 619 error.
If I attempt to connect to my own VPN and use a bad password I get a window asking for username and password.
Dump Zone Alarm (this is not just my advice, I've read other articles about ZA). I use Kerio 2.1.5 on all my machines and have ZERO issues.
Kerio shows the application that attempts an outbound connection with protocol 47 (used for PPTP) when I try to establish a VPN connection to my ASL as "tcpip kernel driver".
What kind of hardware are you running this on?
Are you geting something like this in your PPTP Roadwarior logs? GRE: read(fd=5,buffer=804d5a0,len=8196) from PTY failed: status = -1 error = Input/output error PTY read or GRE write failed (pty,gre)=(5,6) CTRL: Closing child BCrelay with pid 0 CTRL: Closing child ppp with pid 6584 CTRL: Client 64.83.8.216 control connection finished
There is no executable; it is part of the OS (remember? they wanted to be clever and get away from modular design after the court case)
So you can try opening ports for either the Services and Controller, or SvcHost.
I have a 4X version of Zone that appears to know how to handle Windows PPTP connections; I remember older versions of Zone could not (and PGP queries for Email were problematic too!!)
What you did is exactly what I would have fallen back to.
There is no executable; it is part of the OS (remember? they wanted to be clever and get away from modular design after the court case)
So you can try opening ports for either the Services and Controller, or SvcHost.
I have a 4X version of Zone that appears to know how to handle Windows PPTP connections; I remember older versions of Zone could not (and PGP queries for Email were problematic too!!)
What you did is exactly what I would have fallen back to.
