Routing and Remote Access Blog

VPN articles - straight from Windows development team

Browse by Tags

Related Posts
  • Blog Post: How to debug SSTP specific connection failures

    Hi All, To all our beta testers who are trying out SSTP, first of all "many many thanks from my RRAS team". This post talks about how to debug failures specific to SSTP based VPN tunnel ( Note : I am not discussing all the error codes displayed on RAS client - as most error codes will be common...
  • Blog Post: Betterment of diagnostics for VPN connection issues in LH

    To have a better diagnostics around VPN connection issues in LH, RRAS has introduced a functionality of tagging the VPN connection related events with what is called as "Correlation-ID" (CoID). The relevant event messages are prefixed with "CoID={128 bit identifier}". Note: Not all the event messages...
  • Blog Post: Enabling logs for RRAS

    Failures for RAS connections can be debugged using RAS logs. To enable RAS logs run command “netsh ras set tracing * enabled” Now run the scenario that is failing. Now flush the RAS logs by “netsh ras set tracing * disabled” command. Check the logs at %windir%\tracing directory. Some...
  • Blog Post: Setting up the SSTP listener and verifying it

    We have seen the steps to configure a SSTP server in one of the previous posts. However, we will concentrate on on aspect of the configuration in this post in detail and the most important one too, because without this your server is not yet ready to accept SSTP connections - Setting up the SSTP listener...
  • Blog Post: Cannot reach beyond the RRAS server from VPN clients?

    Many a time we face this issue - after making a VPN connection to the Routing and Remote Access server, we are unable to reach the machine on the network behind the VPN server. Here are a few tips to troubleshoot this. Let's consider this example to understand this better. VPN Client <---Internet...
  • Blog Post: 3rd party VPN client compatibility with Windows 7 and Windows Server 2008 R2

    When you upgrade your computer from an older version of Windows to Windows® 7 or Windows Server® 2008 R2, your 3rd-party virtual private network (VPN) client programs might not work. As Windows evolves, sometimes changes to the underlying infrastructure are required to implement new features, and these...
  • Blog Post: VPN Troubleshooting QA

    Hello friends, We get questions,queries,feedback and clarifications from many people about their VPN connections through e-mail. I felt some of these Q&A might help people who face similar issues. So here it goes, the list posted as a Q&A. Query :1: IPv6 not supported on XP; Use Vista client...
  • Blog Post: Accessing Network Shares Over a VPN Connection in Windows Vista

    It is not possible to access network shares from a Windows Vista machine over a VPN connection if Net BIOS over TCP (NetBT) is disabled on one of the machines or port 139 is blocked. A fix for this problem is available from Microsoft Support. Customers just need to call support and quote the following...
  • Blog Post: Troubleshooting VPN connections : Dr. RRAS

    These are some of the common errors we come across when we make a VPN connection to a Routing and Remote Access VPN server: Connection-time errors Error 800: VPN server is unreachable This occurs often if the PPTP/L2TP packets cannot reach the VPN server. Troubleshooting steps 1. See if...
  • Blog Post: Enabling RAS Tracing in Vista/Longhorn Server

    Check http://blogs.technet.com/rrasblog/archive/2005/12/22/416421.aspx for information to enable RAS logs on the earlier Windows Versions. RAS Trace logs help in troubleshooting RAS connections related issues. On the earlier versions of Windows, "netsh ras set tracing * enabled" command enables the...
  • Blog Post: Windows Server 2008 and Windows Vista VPN issue with accessing shares

    Hello Everyone, my name is Aydin Aslaner, and I am a Support Escalation Engineer on the Microsoft Platform Networking Support team. Today I would like to talk about a issue that we were dealing with some time ago and which was quite interesting. Customer reported the following problem: ...
  • Blog Post: What type of certificate to install on the VPN server

    Hello Friends, In my previous posting related to VPN tunnel selection , I discussed various scenarios in which you need to install a certificate on the VPN server. To summarize this requirement in a nutshell: except PPTP tunnel, for all the other tunnel types (i.e. IKEv2, SSTP and L2TP/IPSec) VPN...
  • Blog Post: Ports affecting the VPN connectivity

    If you are running firewall infront of your RRAS server (i.e. between internet and RRAS) , then following are the relevant ports which needs to be opened on the firewall for VPN connectivity to be successful: a) PPTP tunnel based VPN uses TCP Port number 1723 and IP Protocol number 47 (GRE). Please...
  • Blog Post: Troubleshooting common VPN related errors

    Hello Customers, If you are seeing errors while establishing VPN connection using Windows in-built VPN client,  you have reached the right place. This article will help you to easily troubleshoot some of the common VPN related errors. 1) Error Code: 800 Error Description: The remote connection was...
  • Blog Post: Which ports to unblock for VPN traffic to pass-through?

    Little Background: Microsoft RRAS server and VPN client supports PPTP, L2TP/IPSec, SSTP and IKEv2 based VPN connection. PPTP control path is over TCP and data path over GRE. L2TP tunnel traffic is carried over IPSec transport mode and IPSec protocol internally has a control path through IKE and data...
  • Blog Post: Troubleshooting Vista VPN problems

    Hello all. There have been quite a few questions/posts on the technet forums about issues you folks have seen with Windows Vista VPN clients. So we thought we would come up with a post on the common configuration issues and some troubleshooting tips. Hope this helps others who are facing the same issues...
  • Blog Post: RRAS static packet filters - do's and don'ts

    Microsoft RRAS includes a stateless 5 tuple packet filter - also called as Inbound & Outbound packet filters (or static filters). These filters can be applied on any interface - public, private OR per PPP connection too or in other words - it can do filtering for packets destined to/originated from...