dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
28
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to stevemayman

MVM

to stevemayman

Re: Strange VPN Access Problem

a) check the name resolution of the dyndns name via the connection it's working, and the one it's not

b) do a ping test to said name from both connections, also run a traceroute. Make sure your traffic
is able to make it to it, or however far it goes.

c) do a telnet to said dyndns name on port 1723 from both connections... does it show OPEN, or open a blank
black screen from window's cmd prompt?

d) grab the full 800-error and post it up here. Also try running it thru your search engine of choice. Never
heard this one off the top of my head, but ANY sort of specific error message is ALWAYS helpful for troubleshooting.

Can't tell you where'd Windows would keep the VPN logs, you may again have to do some knocking around on
the internet for this information.

My 00000010bits

Regards
stevemayman
join:2012-12-31
San Diego, CA

stevemayman

Member

Great! Exactly what I needed.

I can't ping the DYNDNS server on the failing connection. A traceroute produces the following:

Tracing route to *******.kicks-ass.org [174.65.14*.***]
over a maximum of 30 hops:

1 2 ms 1 ms 1 ms 192.168.1.254
2 22 ms 23 ms 21 ms 99-71-140-3 .lightspeed.sndgca.sbcglobal.net [99.71.140.3]
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 20 ms 23 ms 23 ms 12.83.70.141
...
13 41 ms 41 ms 41 ms 68.6.11.186
14 42 ms 40 ms 43 ms dt1xcmtk03-gex030000.sd.sd.cox.net [68.6.11.185]
15 * * * Request timed out.
(time out repeated another 10 or so times...)

Telnet connection failed on 1723.

Error 800: The remote connection was not made because the attempted VPN tunnels failed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPsec tunnel, the security parmaeters required for IPsec negotiation might not be configured properly.

I had done quit a bit of research on Error 800 and tried a dozen different solutions to no avail. Hence the "start at the beginning" approach I am trying now. One intriguing solution was that the ISP suddenly started blocking GRE for one user, but isn't that a server side issue? Should I check with my ISP (AT&T) to see if they are doing this at my home?

I can't test the working connection right now because the one I was using is no longer up. I can try from my neighbor at work when I get back there later in the day.

Thanks for the great help!

Steve
stevemayman

stevemayman to HELLFIRE

Member

to HELLFIRE
Ok, from the working WIFI connection:

Tracing route to *****.kicks-ass.org [174.**.***.***]
over a maximum of 30 hops:

1 2 ms 1 ms 1 ms 192.168.1.254
2 19 ms 11 ms 10 ms 108-248-100-3.lightspeed.sndgca.sbcglobal.net [1
08.248.100.3]
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 12 ms 11 ms 10 ms 12.83.70.141
7 13 ms 14 ms 25 ms la2ca02jt.ip.att.net [12.123.30.189]
8 64 ms 13 ms 13 ms xe-9-2-0.lax30.ip4.tinet.net [77.67.79.173]
9 13 ms 14 ms 13 ms xe-5-0-0.lax20.ip4.tinet.net [89.149.182.194]
10 13 ms 13 ms 14 ms cox-gw.ip4.tinet.net [216.221.157.54]
11 29 ms 29 ms 28 ms fed1dsrj01-ae1.0.rd.sd.cox.net [68.1.0.205]
12 29 ms 29 ms 28 ms fed1sysc01-tec300.rd.sd.cox.net [68.6.8.1]
13 30 ms 30 ms 30 ms 68.6.11.186
14 29 ms 28 ms 29 ms dt1xcmtk03-gex030000.sd.sd.cox.net [68.6.11.185]
15 104 ms 96 ms 82 ms ip174-***-***-***.sd.sd.cox.net [174.***.***.***]

Trace complete.

Telnet port 1723 opens a blank black screen.

Where do I go from here?

Thanks!