Home > Networking Tips > Wide Area Networks > Troubleshooting Windows VPN servers
Networking Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

WIDE AREA NETWORKS

Troubleshooting Windows VPN servers


Robbie Harrell
08.17.2005
Rating: -4.30- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


The Windows remote access server allows VPN clients to authenticate and to transparently connect to an internal network as if they have a direct connection to that network. This allows users to work remotely in a secure fashion. This article focuses on some common areas that should be addressed on the server side when troubleshooting VPN connection problems.

There are several aspects of the remote access server that can create issues when a VPN client connects. The VPN server must be configured properly to allow remote access. If a user is experiencing connectivity issues and you have already validated that the client is configured properly and that the end user has network reachability to the server segment, follow these steps.

  1. Validate that the server is enabled to allow remote access. Go to the following:
    • Routing and Remote Access Snap-in --> Properties --> General, and validate that the remote access server box is checked

  2. Validate the authentication provider.
    • Routing and Remote Access Snap-in --> Properties --> Security, and validate whether RADIUS or Windows Authentication is checked.

  3. Validate the authentication method.
    • Routing and Remote Access Snap-in --> Properties --> Security, and select the authentication credential mechanisms. This is usually some form of CHAP.

The server has other settings that must be configured properly, including IP settings such as IP routing, DHCP and PPP. Validate these settings as follows:

  1. Validate that the server is enabled to allow IP routing. Go to the following:
    • Routing and Remote Access Snap-in --> Properties --> IP tab, and verify that the server is configured to allow IP routing. Also verify that the server is configured to allow IP-based remote access and demand dial connections.

  2. Validate the server is configured to assign IP addresses. This can be done via a static pool of addresses or DHCP.
    • Routing and Remote Access Snap-in --> Properties --> IP Tab, and click either DHCP or Static address pool. If static address pool is clicked, a range of addresses must be configured.

This is the basic set up of the windows VPN server. There are many other features associated with a VPN session, such as authentication and encryption, that can also cause problems. The best bet is to try and get the user to connect and authenticate a simple session. Eliminate all factors outside of standard connectivity; then you can try to overlay the additional security features onto the session.

For more on the client side of the Windows 2000 VPN connection and specific steps to verify the client configuration and validate network connectivity, read the previous tip, Working with Windows VPN clients.


Robbie Harrell (CCIE#3873) is the National Practice Lead for Advanced Infrastructure Solutions for SBC Communications. He has over 10 years of experience providing strategic, business, and technical consulting services to clients. Robbie resides in Atlanta, and is a graduate of Clemson University. His background includes positions as a Principal Architect at International Network Services, Lucent, Frontway and Callisma.

Rate this Tip
To rate tips, you must be a member of SearchNetworking.com.
Register now to start rating these tips. Log in if you are already a member.


Submit a Tip




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Wide Area Networks
WAN optimization: A market update
Remote Desktop troubleshooting
How the NetFlow protocol monitors your WAN
Network design: Five ways to lower your costs
Remote office backup, archiving and disaster recovery for networking pros
Troubleshooting WAN performance issues
Cisco CCIP MPLS certification: Introduction
Distribution of labels -- Cisco CCIP MPLS certification: Lesson 3
Label imposition -- Cisco CCIP MPLS certification: Lesson 4
Configuring MPLS -- Cisco CCIP MPLS certification: Lesson 5

Remote Offices
Expand Networks acquires software-based WAN optimization vendor
Network optimization from Cisco, Blue Coat helps deliver Olympic video
Upgrading distributed networks
WAAS accelerates collaboration, increases revenue at engineering firm
Remote Desktop troubleshooting
Configure branch office VLANs to route across WAN
Cisco and new ISR aggressively target branch office
Remote access still faces hurdles of security, disaster recovery
Remote office backup, archiving and disaster recovery for networking pros
Branch offices get security, services boost

VPN Troubleshooting
How to maintain corporate VPN connection while printing to a private network.
Can I set up a VPN on my wireless router?
How can I get our VPN to work on Windows Vista?
To set up a VPN server, do you need two NIC cards?
How do I connect to our VPN with authentication ID?
What causes my overseas VPN connection to slow during the day?
Why has the terminal server ended my connection?
How can I access each device from my network while keeping the companies' networks secure?
VPN operating system interoperability -- Configure VPNs with Windows, Checkpoint
VPN operating system interoperability -- configure VPNs with Unix

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
high-speed dialup  (SearchNetworking.com)
IPLC  (SearchNetworking.com)
K56flex  (SearchNetworking.com)
modem doubling  (SearchNetworking.com)
telecenter  (SearchNetworking.com)
terbo  (SearchNetworking.com)
V.xx  (SearchNetworking.com)
virtual systems management  (SearchNetworking.com)
visitor-based networking  (SearchNetworking.com)
WAN interface card  (SearchNetworking.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Networking Solutions for Business
IT Management Solutions and Services Directory.
HomeNewsTopicsITKnowledge ExchangeTipsAsk the ExpertsMultimediaWhite PapersNetworking Product Trials
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2000 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts