none
VPN Error 807 when connecting to established VPN using Windows 7. Works with Windows XP on same setup.

    Question

  • I recently replaced my laptop (previously WIN XP SP3) with a WIN 7 Home premium laptop.  The install was clean (ie a non-upgrade).  Previously I connected with the XP laptop over a wireless home lan, through an ADSL router to our school VPN.  Worked fine.  The school VPN is running windows server 2003.  Now however the WIN 7 laptop will not connect.  Turning off the windows firewall makes no difference.  I've tried plugging directly into the public port of our VLAN at school - same problem.  I've also tried running PPTPCLNT and PPTPSRV on the two machines and get WSAETIMEDOUT error 10060 on the client which seems like it is basically the same thing.  Port detective says that port 1723 is open, not blocked.  Remote log on the server doesn't even register that a connection attempt is being made.  I can telnet to the server on ports 80, 110 and 25 but NOT 1723.  Suggestions?

    Cheers
    Tim Jackson, NZ

    Friday, March 19, 2010 11:37 PM

Answers

  • Problem resolved (for error message 809):

    The "Routing and Remote Access" service was disabled!

    Axel

    • Proposed as answer by AxBender Friday, July 30, 2010 1:07 PM
    • Marked as answer by timjak Sunday, August 29, 2010 3:50 AM
    Friday, July 30, 2010 1:07 PM

All replies

  • Hi Tim,

     

    Regarding the error, firstly, I would like to share the following with you:

     

    List of Error Codes that you may receive when you try to make a dial-up connection or a VPN connection in Windows 7

     

    Based on my research, I would like to suggest the following:

     

    1.    Check with your ISP and ensure that the needed ports are not blocked; you can also take this computer to some other network to see if it works.

     

    2.    Run the following command in an elevated command prompt to disable Windows Firewall and check the issue:

     

    Netsh advfirewall set allprofiles state off

     

    Note: you can turn back on with the command “Netsh advfirewall set allprofiles state on”.

     

    3.    Add a firewall rule for the port 1723:

     

    Add or Edit Firewall Rule

     

    Firewall Rule Wizard: Scope Page

     

    4.    If you have installed some other security software (firewall, anti-virus, anti-spyware, etc.) on the computers, please also temporarily disable or remove it and check if it works; you cal also create a rule to allow the ports to have a try.

     

    5.    Please boot the computers to clean boot and check if there are any conflicts:

     

    How to troubleshoot a problem by performing a clean boot in Windows Vista or in Windows 7

     

    Hope this helps. Thanks.


    Nicholas Li - MSFT
    Monday, March 22, 2010 7:53 AM
    Moderator
  • Hi Nicholas - thanks for this.  I'm certain that the ports aren't blocked because a windows XP machine connected to my wireless lan has no problems connecting via VPN - I tried this a couple of days ago.  I tried disabling the firewall, turning off all anti-virus software etc. and running a clean boot, as you suggested and got exactly the same problem.  I figure that if it won't run with the windows firewall turned off then it definitely won't run with it turned on.  And rather than adding rules for port 1723 I enabled the existing routing and remote access rules (in and outbound) for PPTP, L2TP and GRE which I figured would do the same thing.  When I run a netstat -n alongside the attempt to connect I see an attempt to open the port 1723 on the VPN server with a status of SYN_SENT, and then it fails and the port closes.  The netstat line is TCP  192.168.1.3:49192  202.49.23.50:1723  SYN_SENT.

    Cheers
    Tim Jackson

    Wednesday, March 24, 2010 3:54 AM
  • Hi Tim!

    were you able to resolve your problem? I tried everything I found on the Internet (Registry, Ports, Firewall, ...) to no avail. I'm really stuck. The problem is like your's (except getting 809, which indicates a firewall problem): everything is working fine with Windows XP (same router, same certificates), nothing goes for Windows 7.

    Regards

    Axel
    Friday, July 30, 2010 9:33 AM
  • Problem resolved (for error message 809):

    The "Routing and Remote Access" service was disabled!

    Axel

    • Proposed as answer by AxBender Friday, July 30, 2010 1:07 PM
    • Marked as answer by timjak Sunday, August 29, 2010 3:50 AM
    Friday, July 30, 2010 1:07 PM
  • Hey thanks Axel - that also fixed my problem.  Not sure why the service would be disabled by default, but there you go...

    Cheers

    timjak

    Sunday, August 29, 2010 3:50 AM