Tuesday, November 13, 2012 3:58 PM
I have installed TMG 2010 STD on Windows Server 2008 R2 STD, This server is installed on an Hyper-V machine, also running Windows Server 2008 R2 STD. On the hyper-v I removed the TCP-IP/v4 check mark to ensure no comunitation is established througt that network connection. On TMG i've turned on VPN connection for PPTP clients. All fine and running.
When the users started to connect some of them connected fine... BUT some couldn't... They receive error: A connection between the VPN server and the VPN client **.***.***.** has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47).
After a lot of time... and trying to solve the problem, I though... hey... maybe it is some problem on the Router... so... I bough another... same problem... So I bought yet another (Cisco LincSys/SMC/Cisco LincSys). Nothing... didn't worked. I shutdown the 1st TMG, removed it from the Domain (Windows 2008) and... installed another TMG 2010... puff... same problem.
Still a clue, If those clients that cannot connect to the VPN, connect first to another VPN also on PPTP with TMG... they can connect with no problems.
I have NO idea of what the problem is... can someone help me?
There are some how says "The Solution is to disable PPTP filter on PPTP protocol" but my TMG doens't give me the option to disable it... just shows me properties.
The lan is configured as this:
Router-> 192.168.1.1 (default gateway) -> TMG 192.168.1.3
TMG -> 10.10.1.224/255.255.0.0
DC -> 10.10.1.221
>netstat -ano |findstr ":1723"
TCP 0.0.0.0:1723 0.0.0.0:0 LISTENING 4
TCP 192.168.1.3:1723 10.10.1.1:50280 TIME_WAIT 0
TCP 192.168.1.3:1723 184.108.40.206:50457 ESTABLISHED 4
TCP 192.168.1.3:1723 220.127.116.11:25606 CLOSE_WAIT 4
TCP 192.168.1.3:1723 18.104.22.168:25609 CLOSE_WAIT 4
TCP 192.168.1.3:1723 22.214.171.124:25610 CLOSE_WAIT 4
TCP 192.168.1.3:1723 192.168.1.24:57254 ESTABLISHED 4
TCP 192.168.1.3:13135 192.168.1.3:1723 ESTABLISHED 2888
TCP 192.168.1.3:16684 192.168.1.3:1723 ESTABLISHED 2888
UDP 192.168.1.3:17238 *:* 2888
- Edited by myseLFFF Tuesday, November 13, 2012 5:03 PM
Friday, November 16, 2012 3:19 AMModerator
Thank you for the post.
Please refer to this kb:http://support.microsoft.com/kb/2625737/en-us
Nick Gu - MSFT
- Proposed As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Monday, November 19, 2012 1:40 AM
- Marked As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Tuesday, November 20, 2012 9:19 AM