Q:
Lost VPN Connectivity w/SBS 2003 - SOLVED
This is not a question, but a resolution to a problem I ran across recently. After having worked successfully for years, no one could connect to an SBS 2003 Standard server with VPN. Server is up to date on patches, and one of this month's patches from Microsoft may have caused the problem.
I went through all the normal steps to resolve the problem, checking for open connections (SBS can only handle 5 connections at a time), that all the parameters were set properly, the users were still permitted remote acess, starting and stopping the service. removing and re-installing VPN via the SBS wizard, and nothing worked to restore the connection.
I did a lot of Googling looking for a resolution, and most gave me the solutions I had already tried, or were talking about problems caused by ISA that did not apply in this case.I could Telnet to the port after I rebuilt the service, but I could not use the Microsoft VPN client to connect. My forehead was getting bloody from banging it into the wall.
Finally, after the umpteenth try at search terms, I found the solution on the fourth or fifth page of Google results. On this site, http://howtonetworking.com/VPN/mtu3.htm, I found the resolution, and, although the circumstances were different, I gave it a try. It worked! What is needed to be done is some registry edits to change the default MTU settings. I set the MTU value to 1400 in this case, but if you have time, and your brain has not yet become fried, you may wish to experiment with other values, though each change will require a restart.
Just so you need not go to the site, or, shoudl it disappear, here are the steps to follow to provide the resolution to the problem:
[h3]How to modify the MTU Settings for VPN Connections
on XP[/h3]
To modify the MTU settings for VPN connections, you need to add the ProtocolType DWORD
value, the PPPProtocolType DWORD value, and the TunnelMTU DWORD value to the
following registry key:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetNdiswanParametersProtocols\0
To do so, follow these steps.
[table class="list" id="table13">
[tbody]
[tr]
[td class="number">1.[/td]
[td class="text">Click [strong class="uiterm">Start[/strong], click
[strong class="uiterm">Run[/strong], type regedit
in the [strong class="uiterm">Open[/strong] box, and then click
[strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">2.[/td]
[td class="text">Locate and then click the following subkey in the registry:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNdisWanParameters
[/td]
[/tr]
[tr]
[td class="number">3.[/td]
[td class="text">Add a Protocols subkey (if it does not already exist). To
do so:
[table class="list" id="table14">
[tbody]
[tr]
[td class="number">a. [/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point
to [strong class="uiterm">New[/strong], and then click
[strong class="uiterm">Key[/strong]. [/td]
[/tr]
[tr]
[td class="number">b. [/td]
[td class="text">Type Protocols, and then
press ENTER.[/td]
[/tr]
[/tbody]
[/table]
[/td]
[/tr]
[tr]
[td class="number">4.[/td]
[td class="text">Add a 0 (zero) subkey to the Protocols subkey. To do so:
[table class="list" id="table15">
[tbody]
[tr]
[td class="number">a. [/td]
[td class="text">Click the Protocols sub key that you created in
step 3.[/td]
[/tr]
[tr]
[td class="number">b. [/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point
to [strong class="uiterm">New[/strong], and then click
[strong class="uiterm">Key[/strong]. [/td]
[/tr]
[tr]
[td class="number">c. [/td]
[td class="text">Type 0 (zero), and then
press ENTER.[/td]
[/tr]
[/tbody]
[/table]
[/td]
[/tr]
[tr]
[td class="number">5.[/td]
[td class="text">Click the 0 subkey that you created in step 4.[/td]
[/tr]
[tr]
[td class="number">6.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point to
[strong class="uiterm">New[/strong], and then click [strong class="uiterm">
DWORD Value[/strong].[/td]
[/tr]
[tr]
[td class="number">7.[/td]
[td class="text">In the [strong class="uiterm">Value data[/strong] box, type
ProtocolType, and then click
[strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">8.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, click
[strong class="uiterm">Modify[/strong].[/td]
[/tr]
[tr]
[td class="number">9.[/td]
[td class="text">In the [strong class="uiterm">Value data[/strong] box, type
800, make sure [strong class="uiterm">
Hexadecimal[/strong] is selected under [strong class="uiterm">Base[/strong],
and then click [strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">10.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point to
[strong class="uiterm">New[/strong], and then click [strong class="uiterm">
DWORD Value[/strong]. [/td]
[/tr]
[tr]
[td class="number">11.[/td]
[td class="text">Type PPPProtocolType, and
then press ENTER.[/td]
[/tr]
[tr]
[td class="number">12.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, click
[strong class="uiterm">Modify[/strong].[/td]
[/tr]
[tr]
[td class="number">13.[/td]
[td class="text">In the [strong class="uiterm">Value data[/strong] box, type
21, make sure [strong class="uiterm">
Hexadecimal[/strong] is selected under [strong class="uiterm">Base[/strong],
and then click [strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">14.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point to
[strong class="uiterm">New[/strong], and then click [strong class="uiterm">
DWORD Value[/strong]. [/td]
[/tr]
[tr]
[td class="number">15.[/td]
[td class="text">Type TunnelMTU, and then
press ENTER. [/td]
[/tr]
[tr]
[td class="number">16.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, click
[strong class="uiterm">Modify[/strong].[/td]
[/tr]
[tr]
[td class="number">17.[/td]
[td class="text">Under [strong class="uiterm">Base[/strong], click
[strong class="uiterm">Decimal[/strong], type the MTU size that you want in
the [strong class="uiterm">Value data[/strong] box, and then click
[strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">18.[/td]
[td class="text">Quit Registry Editor.[/td]
[/tr]
[tr]
[td class="number">19.[/td]
[td class="text">Restart your computer.[/td]
[/tr]
[/tbody]
[/table]
Software/Hardware used:
SBS 2003 Server, Standard Edition, fully patched through October, 2009.
I went through all the normal steps to resolve the problem, checking for open connections (SBS can only handle 5 connections at a time), that all the parameters were set properly, the users were still permitted remote acess, starting and stopping the service. removing and re-installing VPN via the SBS wizard, and nothing worked to restore the connection.
I did a lot of Googling looking for a resolution, and most gave me the solutions I had already tried, or were talking about problems caused by ISA that did not apply in this case.I could Telnet to the port after I rebuilt the service, but I could not use the Microsoft VPN client to connect. My forehead was getting bloody from banging it into the wall.
Finally, after the umpteenth try at search terms, I found the solution on the fourth or fifth page of Google results. On this site, http://howtonetworking.com/VPN/mtu3.htm, I found the resolution, and, although the circumstances were different, I gave it a try. It worked! What is needed to be done is some registry edits to change the default MTU settings. I set the MTU value to 1400 in this case, but if you have time, and your brain has not yet become fried, you may wish to experiment with other values, though each change will require a restart.
Just so you need not go to the site, or, shoudl it disappear, here are the steps to follow to provide the resolution to the problem:
[h3]How to modify the MTU Settings for VPN Connections
on XP[/h3]
To modify the MTU settings for VPN connections, you need to add the ProtocolType DWORD
value, the PPPProtocolType DWORD value, and the TunnelMTU DWORD value to the
following registry key:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetNdiswanParametersProtocols\0
To do so, follow these steps.
[table class="list" id="table13">
[tbody]
[tr]
[td class="number">1.[/td]
[td class="text">Click [strong class="uiterm">Start[/strong], click
[strong class="uiterm">Run[/strong], type regedit
in the [strong class="uiterm">Open[/strong] box, and then click
[strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">2.[/td]
[td class="text">Locate and then click the following subkey in the registry:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNdisWanParameters
[/td]
[/tr]
[tr]
[td class="number">3.[/td]
[td class="text">Add a Protocols subkey (if it does not already exist). To
do so:
[table class="list" id="table14">
[tbody]
[tr]
[td class="number">a. [/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point
to [strong class="uiterm">New[/strong], and then click
[strong class="uiterm">Key[/strong]. [/td]
[/tr]
[tr]
[td class="number">b. [/td]
[td class="text">Type Protocols, and then
press ENTER.[/td]
[/tr]
[/tbody]
[/table]
[/td]
[/tr]
[tr]
[td class="number">4.[/td]
[td class="text">Add a 0 (zero) subkey to the Protocols subkey. To do so:
[table class="list" id="table15">
[tbody]
[tr]
[td class="number">a. [/td]
[td class="text">Click the Protocols sub key that you created in
step 3.[/td]
[/tr]
[tr]
[td class="number">b. [/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point
to [strong class="uiterm">New[/strong], and then click
[strong class="uiterm">Key[/strong]. [/td]
[/tr]
[tr]
[td class="number">c. [/td]
[td class="text">Type 0 (zero), and then
press ENTER.[/td]
[/tr]
[/tbody]
[/table]
[/td]
[/tr]
[tr]
[td class="number">5.[/td]
[td class="text">Click the 0 subkey that you created in step 4.[/td]
[/tr]
[tr]
[td class="number">6.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point to
[strong class="uiterm">New[/strong], and then click [strong class="uiterm">
DWORD Value[/strong].[/td]
[/tr]
[tr]
[td class="number">7.[/td]
[td class="text">In the [strong class="uiterm">Value data[/strong] box, type
ProtocolType, and then click
[strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">8.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, click
[strong class="uiterm">Modify[/strong].[/td]
[/tr]
[tr]
[td class="number">9.[/td]
[td class="text">In the [strong class="uiterm">Value data[/strong] box, type
800, make sure [strong class="uiterm">
Hexadecimal[/strong] is selected under [strong class="uiterm">Base[/strong],
and then click [strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">10.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point to
[strong class="uiterm">New[/strong], and then click [strong class="uiterm">
DWORD Value[/strong]. [/td]
[/tr]
[tr]
[td class="number">11.[/td]
[td class="text">Type PPPProtocolType, and
then press ENTER.[/td]
[/tr]
[tr]
[td class="number">12.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, click
[strong class="uiterm">Modify[/strong].[/td]
[/tr]
[tr]
[td class="number">13.[/td]
[td class="text">In the [strong class="uiterm">Value data[/strong] box, type
21, make sure [strong class="uiterm">
Hexadecimal[/strong] is selected under [strong class="uiterm">Base[/strong],
and then click [strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">14.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, point to
[strong class="uiterm">New[/strong], and then click [strong class="uiterm">
DWORD Value[/strong]. [/td]
[/tr]
[tr]
[td class="number">15.[/td]
[td class="text">Type TunnelMTU, and then
press ENTER. [/td]
[/tr]
[tr]
[td class="number">16.[/td]
[td class="text">On the [strong class="uiterm">Edit[/strong] menu, click
[strong class="uiterm">Modify[/strong].[/td]
[/tr]
[tr]
[td class="number">17.[/td]
[td class="text">Under [strong class="uiterm">Base[/strong], click
[strong class="uiterm">Decimal[/strong], type the MTU size that you want in
the [strong class="uiterm">Value data[/strong] box, and then click
[strong class="uiterm">OK[/strong].[/td]
[/tr]
[tr]
[td class="number">18.[/td]
[td class="text">Quit Registry Editor.[/td]
[/tr]
[tr]
[td class="number">19.[/td]
[td class="text">Restart your computer.[/td]
[/tr]
[/tbody]
[/table]
Software/Hardware used:
SBS 2003 Server, Standard Edition, fully patched through October, 2009.
ASKED:
Oct 29 2009 1:33 PM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
0
