I am trying to establish a VPN connection but cannot get the connection to work.
I am using the built in MS VPN client of Win Mobile v5.0 (5.1.1700 build 14352.0.1.0)
I have tried both PPTP and L2PT
When L2TP, I was authenticating with a preshared key
Firewall logs show PPTP negotiation successful, and issues a VPN IP address to the device
It can ping the firewall external interface, but times-out trying to reach an internal address
The VPN session is established, but the firewall logs don't register either deny or allow traffic for each internal ping request, rather the firewall packet error count increments for each failed attempt.
Any help is greatly appreciated.
Related
I'm trying to VPN using GPRS to several networks which I have access to but I can't seem to be able to VPN them with my PDA2K. I can VPN them easily with no special configuration with my XP.
My i-mate keeps trying "Connectioning XX VPN..." and then aborts after about half a minute saying to check the username and password. The username and password are correct.
I called my cellular provider and they said that I should be able to connect to a VPN only if 'UDP Encapsulation' is defined on the VPN server?!?!? Well.. What is this thing? I'm trying to connect to big corp VPN, they wouldn't even listen to 'special requests'. I tried to connect to 4 different VPNs and I could not connect to any single one of them!
I really need that VPN connection via GPRS with my PDA2K. Any help would be more than appreciated. Maybe a different client than the built in VPN client of the WM2003SE ?
Thanks in advance.
Sorci
anyone?
bump for help. this gotta be a common prob.
Your GPRS connection will be subject to some form of NAT (Network Adress Translation) through your provider. VPNs don't get along well with NAT as the firewall doing the address translation modifies the packet header after it has had it's hash value calculated by the client (in this case your PDA). The receiving firewall will reject the packet as the hash values for the (now modified) packet don't match.
UDP encapsulation gets around this by encapsulating the encrypted and authenticated (secure) packet in a UDP packet which will be happily modified by the NAT'ing firewall. The receiving firewall will decapsulate(is that even a word?) the UDP packet and process secure packet inside as normal.
James
Thanks a lot Jamz for the thorough detailed info. I appreciate it.
So what's the fix? I tried several other VPNs and was unable to access them as well.. I can't just call all these providers and make some strange requests for a 'one guy with a pda2k and a gprs connection' that wants them to change their VPNs, enabling or disabling protocols or port.
Any other solution?
sorci said:
Any other solution?
Click to expand...
Click to collapse
Are you sure you're using the built-in VPN client in Windows, and not something like a Cisco VPN client?
You could try something like the Movian VPN client (not sure this is still made). I've used this previously with a Cisco VPN and it is fully configurable to handle multiple VPN types.
I've got a similar problem. Am trying to set up a temporary GPRS connection into my work LAN (I work for myself but 2nd child due shortly so want to be able to connect in from home for a couple of weeks only). I've got MS Win2000 Server set up to accept incoming VPN connections and it works fine on a dial-up connection but refuses to authenticate my username/pasword whenever I try to get the GPRS working.
As it's only going to be used for a short period of time, I'm loathe to spend out on any specific hardware/software but if anyone's got any suggestions, I'd be grateful.
If it helps, the LAN is behind a Netgear DG834GT ADSL modem/router/firewall and VPN PPTP and IPSEC are allowing in and out on it. The server is on a static IP address in the range 192.168.99.x.
GPRS Connections and VPN
With O2 you have to aks for VON connectivity to be enabled and connect to vpn.o2.co.uk instead of mobile.o2.co.uk. (by the way you can't access the web whilst connected to the vpn.o2.co.uk AP)
I suspect that most providers have simalair requirements
Dave
I am trying to establish a VPN connection but cannot get the connection to work.
I am using the built in MS VPN client of Win Mobile v5.0 (5.1.1700 build 14352.0.1.0)
I am having real problems getting a VPN connection set up with our network.
I have tried both PPTP and L2PT
When L2TP, I was authenticating with a preshared key
Firewall logs show PPTP negotiation successful, and issues a VPN IP address to the device
It can ping the firewall external interface, but times-out trying to reach an internal address
The VPN session is established, but the firewall logs don't register either deny or allow traffic for each internal ping request, rather the firewall packet error count increments for each failed attempt.
Any help is greatly appreciated.
I had problems with PPTP - gave up
I hate the way Windows mobile labels connections.
I connect to many customers with PC Anywhere, VNC, SSH etc and I have access via serveral different windows PPTP VPN.
Like you I setup the details in connections and try to dial.
Nothing seems to happen. The connect option does not change to disconnect. So I assume it is not connected.
I have a feeling these connection do not work over WIFI. and perhaps work over T-mobile 3g only, to maximise data revenues.
Seems very buggy to me. I would really like someone to post a working example/Instructions. Can I get a refund on my MDA PRo?
MS please note it is not a connection to my work or an internet connection it is to a customer for remote support, likewise I often connect remotely to my home via PPTP from my office.
confirmed VPN works over t-mobile 3g not Wifi
SEems the VPN links only work over 3g not Wi FI.
I'm using a PPTP connection over either 3G of WIFI depending on te active connection.
- When WIFI is active the PPTP connection connects using WIFI (I can switch off the phone, so it must be using that one)
- When no WIFI connection is active it automatically connects to 3G first, and than starts the PPTP session
In network management I'v set:
Internet:
Internet (the one containing the 3G connection)
select 'this network connects to the Internet' on the proxy tab.
private network:
My Work (the one that contains the vpn connection)
do NOT select 'this network connects to the Internet' on the proxy tab.
So as you can see, nothing special (I'm using a Qtek 9000 with standard Wm5 ROM)
i have isp.cingular provisioned and can connect some of the time.
1 vpn which goes to my home network works using vista as the vpn server connection. It does not always connect the first time though.
My work vpn which is pptp on a watchguard firewall, has 5% chance of actually connecting. Most of the error messages are talking about packets missing etc... When it does connect i cannot ping servers on the network but i see that the phone has a correct ip address and dns servers from the vpn. the gateway is the same as the ip assigned to the connection.
I have the same issue using the tilt over wifi from home where the vpn does not always connect at work.
I know the work vpn is fine since i use it all the time with vista's vpn dialup stuff.
Anyone got answers or ideas?
Hi,
I am trying unsuccessfully to connect to a PPTP VPN using the VPN client built into my new HTC TyTN II.
Wifi - I can connect using a WinXP SP2 laptop using wifi through my home linksys wireless router (which has PPTP passthrough enabled) using the standard Win XP vpn client. When I try with my TyTN II, I can browse ok but if I set up a VPN connection I get "VPN server problems. Verify your username and password, etc"
GPRS - If I try to connect over GPRS, I connect to Orange GPRS but when it tries to connect to the IP address of my VPN server, I get the same VPN server problem error message. (As a side issue, I asked Orange to enable my account for vpn which they did, sent a SIM update and told me to change my apn to 'internetvpn' instead of 'orangeinternet')
As I can connect through my wifi connected laptop, it seems to point to my WM6 vpn client but my forum searches suggest that the WM6 client works ok. Oh, and yes, I have checked that I am using the correct vpn username and password!
Any thoughts greatly appreciated - the ability to maintain some linux servers was my main reason for getting this phone!
_______________________________________________________
Phone - HTC TyTN from Orange
Windows Mobile 6 Professional
CE OS 5.2.1620 (Build 18125.0.4.2)
Processor QUALCOMM MSM7200-400MHz
Memory 101.63MB
Setings Device Information Version
Operator version 24.181.1.612
ROM Version 1.81.61.2.WWE
ROM Date 09/20/07
Radio version 1.27.14.32
Protocol version 22.45.88.07H
Bump!!! Same problem here. I have all the proper ports open on my router and still no luck.
I've been trying to resolve this with the people that manage my vpn server which is my case is a Watchguard firewall - apparantly Watchguard isn't compatable with PPTP on WM6 and they have suggested using IPSec and have provided me with a client (not that I've got that working yet either!)
I suggest you contact the vendor of your vpn server and ask them whether they are compatable and how a WM6 client should be configured. Post anything you find out here for the benefit of others.
WM6 don't connect to VPN over GPRS/ WiFi
Friends...
I have the same problem... the VPN server is Windows Server 2003... My PDA has WM6 (with in-build VPN client)... then VPN PPTP would work OK... but What is the wrong??
Regards...
I also could not connect on vpn over GPRS and got error message, but after I tested all installed programs I have found out that my SPB GPRS Monitor was the reason for the errors. So I killed it.
Now VPN over GPRS connects and looking into register I see that I am really connected i.e. I got DNS server IP, I got name of the local network and dynamic IP for my HTC, but nothing works. As I have found out from server guys they see me but my dynamic IP is not logged in server DNS, so no program sees me and I can not work.
Can somebody help?
Same
I have a similar problem but the difference is that i don't even receive an error message. When i click connect NOTHING happens!! The wifi i am using is an open network but I must connect to vpn to connect to the internet.
Please help as i really need to get this working...
I have been trying to iron this out with IT at my office as well. I have been trying to get WM6.1 VPN working for nearly a year.
I have a TyTnII and my IT office just bought some kind of WM6.1 Motorola/Sprint Smartphone as well which they actually asked me about setting up for them.
The problem what I am experiencing is that I CAN connect to the VPN server (I use one of the TaskMan progs that has ipconfig built it, and I am getting an appropriate IP from the VPN server). BUT I can't browse ANY intranet sites via PIE or Opera Mobile 9.5. Whenever I try to browse to an intranet site I just get nothing, browser does nothing for ~10min then gives timeout error.
I have heard that this has to do with an inbuilt error in the PPTP module of the VPN client that incorrectly makes VPN server requests using the IP address assigned by the GPRS/EDGE/3G/etc. connection rather than the IP address assigned by the VPN connection, obviously will cause problems!
Anyway, we are investigating 3rd part VPN clients...
Only IPSEC works
I also made many tries to get vpn working over BT PAN profile.
The only configuration which worked for my was IPSEC with the Safenet SoftRemote-LT Client on PC.
With the windows native pptp based vpn does not work .
I got the error code 721 what means that the GRE protocol (frame type 47 on port 1721) does not pass through. This seems to be the the real problem of the packet filtering components of the WM device. The problem is not related to bluetooth or PAN Driver, because it behaves in the same way if you try to do it over USB port. No way.
You guys might want to check out my post about getting my PPTP VPN working and actually syncing ActiveSync on a fixed schedule regularly over VPN.
http://forum.xda-developers.com/showthread.php?t=428878
Getting what you want to work over VPN requires work URL Exceptions so that the traffice is properly routed.
nkitson said:
I've been trying to resolve this with the people that manage my vpn server which is my case is a Watchguard firewall - apparantly Watchguard isn't compatable with PPTP on WM6 and they have suggested using IPSec and have provided me with a client (not that I've got that working yet either!)
I suggest you contact the vendor of your vpn server and ask them whether they are compatable and how a WM6 client should be configured. Post anything you find out here for the benefit of others.
Click to expand...
Click to collapse
Watchguard does support PPTP, your IT guys just need to configure it. As for IPSec which would be awesome because there is an app call Greenbow that will connect you over 3G doesn't work with Watchguard. You can only connect using their own client for it which needs a license and isn't support on Windows Mobile. They got a hate email from me for that crap.
I have a simple home net using mostly windows vista and 7 computers, some printers, external hd servers for backup storage and cameras in a workgroup static ip setup behind an off the shelf router. i set one of the computers as the vpn server since i dont want to buy a dedicated hardware vpn in a vista ultimate machine thats on 24/7 anyway with an incomming server... with the correct ports forwarded from the router to the vpn host.
my remote vpn laptop connects to the vpn fine and can see the network resources, however, has no internet connection once the vpn is connected. do i have to set the host vpn computer to do some sort of its own dns assignments to the incomming connection? its set for dhcp so i dont know why it would assign a valid IP to an incomming but not any other info.
in other words, on my remote laptop, i can connect to a random wireless internet hotspot and have full internet access. I can then enable vpn and log in to my home network and see all the network resources, however if i try to use an internet browser, there appears to be no internet. if i disconnect the vpn, the internet resumes to work fine and obviously the vpn resources are no longer accessable.
what am i missing? under incomming connection properties general tab, "allow others to make private..." is checked, under users the correct user is selected along with "require all users to secure...", and under networking ipv4 "allow callers to access..." is checked, and assign ip auto using dhcp is checked so I would think it should be working fine at this point, however it doesn list anywhere a gateway or dns to assine to incomming connections, only ip's.
host vpn computer is vista ultimate with static ip behind a retail router also assigned a static ip via my home isp.
the remote laptop is running ubuntu 12. just for kicks and to rule out ubuntu causing some problem, i set my android phone up for vpn use via 4g network, and the same thing happens. connects vpn fine, has local resources, but loses internet.
i also was curious as to having a vpn log in for the existing user account on the vpn host machine... in other words, should i just add the username on the host computer as a vpn client, and log in vpn using those credentials? and will that even work if that account is logged in, or will i have to remember to log out when im on the road to use the vpn connection.
thanks all!