| All Categories |
Primers
VPN, Firewall, Security ... |
Guides
HowTo, Choosing a VPN ... |
Reference
Articles, FAQs, Whitepapers ... |
Standards
Architectures, Protocols ... |
Downloads
VPN, Firewall, Security ... |
Products & Services
Hardware, Software, Services |
| Organizations |
Business
Market Research, Law ... |
| Forums |
News
Archive, Events, Newsletters ... |
|
|
| |
| VPN labs is an open community for researching, testing, reviewing, and discussing Virtual Private Networks. Get trusted, unbiased advice on just about everything related to VPN. For more detail check: How to use this site. VPN Labs - VIRTUAL PRIVATE NETWORKS - Free VPN Software and Virtual Private Network News. |
|
|
|
|
Mattaeus
Member since:
2008-02-05 18:20:45 |  posted: 2008-02-05 18:40:15
VPN Timing out every
hour, on the hour.
----------
Salut,
Firstly
apologies if this has
been asked before; I had
a hunt through the
threads for the past 3-4
months and couldn't find
any issues similar to
mine so I'm hoping it's a
new one.
On to the
point - we have a company
with the main office
based in the UK and a
satellite office in
Australia. The main
office's network is an AD
network running on
Windows Server
2003.
I had to do
a quick cut-and-shut
solution to allow the
Australian users to
remotely access the
network, I opted for a
remote access VPN, using
the stuff that comes with
Server 2003 (PPTP),
connecting directly to
the AD machine (where you
go through the process
and select "Allow
incoming VPN
connections", yeah I know
this is really bad
practice!) The long term
objective is to set up a
site-to-site VPN, but
this solution was deemed
to suffice for
now.
Anyway, the
VPN worked fine - users
connect in via
autheticated accounts
with strong passwords,
etc, access the Intranet
and generally
work.
There is one
slight snag, however;
every hour, right on the
hour, the connection
times out.
I have
subsequently created a
RRAS server that sits in
front of the network that
authenticates the users,
to replace the above
solution, at this time
the users still
individually connect in
(phase 2, once this is
out of the way I start
the fun of working on how
to sort out site-to-site)
and it still works
fine.
The 1 hour
disconnect still
persists.
Interest
ingly it doesn't appear
to disconnect from the
VPN (the RRAS server
still registers an active
connection), it's just
that from that point, on
the hour, users are
completely unable to
browse the network and
Intranet (in my case, I
use Remote Desktop quite
a bit over the VPN to
access the office outside
of office hours and I
find the Remote Desktop
connection times out, but
I still have to manually
disconnect and connect to
the VPN again) The VPN
connection stays open and
when the user disconnects
/ reconnects the logs on
the RRAS machine pick up
on the user initiated
disconnect and user
initiated
connect.
Because
two totally different
processes are affected by
the same issue, and that
it doesn't matter what
time you connect to the
VPN it always kicks you
off on the hour, I'm
inclined to believe it's
not related to settings I
have on the AD and I'm
edging towards
configuration settings on
the Firewall / Router in
to the office to be the
cause (mainly as I've
gone through all the
Group Policies and
Terminal Services
settings to check for
timeouts).
The
router itself is a naff
BT 1800HG (which as I
understand it is
essentially a 2wire
1800HG that has been
re-branded) but I doubt
that will help
anyone.
I suppose
my first question is has
anyone come across this
before, and if no-one has
(or no-one found a
solution) is there a good
methodical process I can
follow to working out
what exactly is causing
this time out? On the
router about the only
thing I've done is the
appropriate port
forwarding (and the GRE
protocol) to allow the
VPN connections through,
I've also tweaked the MTU
size on the router so no
fragmentation occurs but
that's had no effect
either.
Apologies
for the long post, any
help would be greatly
appreciated. |
|
