
Windows 7, XP and VPN Service

Hi All,

Running SLS 10.6.5 with VPN Service. Configured for L2TP.

Works perfectly with a half dozen Mac clients connected, plus off and on a half dozen more iOS clients, over both WiFi and 3G - so needless to say, service is configured and firewalls are all configured appropriately.

The issues are:

1) Windows XP (over NAT-T) - does this work at all with L2TP? From what I can see it just hangs on the XP side and fails to negotiate a phase 1 on the server side? Do I need to hack an anonymous.conf together that avoids AES since XP doesn't support that? The default config should allow fallback to 3DES but I've never seen it happen since OS X, iOS and Windows 7 all support AES just fine and Windows XP is never able to connect.

2) Windows 7: I can connect. Everything works. Then I disconnect. Sometimes I can't reconnect again. Sometimes I can. If you wait an hour for the SAD tables to expire the entries (3600 seconds, minus connect time) it works again, but you basically are out of luck for making another connection run again sometimes until this happens.

As a side - I'm noticing the SAD entries on the server side are pretty lazy at expiring - specifically, I have 3 people connected right now (should be 6 entries, one in and out for each) but there are 15 SAD entries still on my server (from 45 minutes ago when there were 7 people connected). Even here, this should be 14 entries but SLS 10.6.5 has left an orphan. It tends to be that the server to remote SAD gets cleared but there is almost always a stray remote to server SAD that gets left lying around.

Any ideas, or should I call Apple support and slog this out with them?

Dual 1.8ghz G5, Mac OS X (10.4.3)

Posted on Nov 29, 2010 1:34 PM
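
Added example, not part of the original post and not Apple's tooling: a small Python audit that counts inbound and outbound SAs per peer and lists peers left with an unmatched entry, the "stray remote to server SAD" case described above. The sample dump is constructed; its layout (an unindented "src dst" line followed by indented detail lines, as `setkey -D` prints) and all addresses are assumptions.

```python
import re
from collections import defaultdict

SERVER = "192.0.2.10"  # constructed server address (documentation range)

# Constructed sample in the assumed `setkey -D` layout: one connected peer
# (one SA in each direction) and one peer with only a remote-to-server SA.
SAMPLE = (
    "192.0.2.10[4500] 198.51.100.7[4500]\n"
    "\tesp-udp mode=transport spi=1000(0x000003e8) reqid=0(0x00000000)\n"
    "\tdiff: 300(s)\thard: 3600(s)\tsoft: 2880(s)\n"
    "198.51.100.7[4500] 192.0.2.10[4500]\n"
    "\tesp-udp mode=transport spi=1001(0x000003e9) reqid=0(0x00000000)\n"
    "\tdiff: 300(s)\thard: 3600(s)\tsoft: 2880(s)\n"
    "203.0.113.20[4500] 192.0.2.10[4500]\n"
    "\tesp-udp mode=transport spi=1002(0x000003ea) reqid=0(0x00000000)\n"
    "\tdiff: 2700(s)\thard: 3600(s)\tsoft: 2880(s)\n"
)

# "addr[port] addr[port]"; the bracketed NAT-T port is optional.
HEADER = re.compile(r"^(\S+?)(?:\[(\d+)\])?\s+(\S+?)(?:\[(\d+)\])?\s*$")

def count_sas(dump, server):
    """Return {(peer_ip, peer_port): {"in": n, "out": n}} for SAs involving server."""
    counts = defaultdict(lambda: {"in": 0, "out": 0})
    for line in dump.splitlines():
        if not line or line[0].isspace():
            continue  # indented detail line belonging to the previous SA
        m = HEADER.match(line)
        if not m:
            continue  # banner or other non-SA line
        src, sport, dst, dport = m.groups()
        if src == server:
            counts[(dst, dport)]["out"] += 1   # server to remote
        elif dst == server:
            counts[(src, sport)]["in"] += 1    # remote to server
    return dict(counts)

def orphans(dump, server):
    """Peers whose inbound and outbound SA counts differ."""
    return sorted(p for p, c in count_sas(dump, server).items()
                  if c["in"] != c["out"])

if __name__ == "__main__":
    for peer, c in count_sas(SAMPLE, SERVER).items():
        print(peer, c)
    print("unmatched:", orphans(SAMPLE, SERVER))
```

Peers are keyed by address and port so that several clients behind one NAT address are counted separately.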

20 replies

Jan 26, 2011 10:32 AM in response to Dylan Neild

Looks like I'm having similar problems. I connect to our 10.6.6 Snow Leopard server from all my Apple products at home (iPad, iPhone, iMac, Mac Pro, MacBook) and have absolutely no problems. A number of my colleagues are trying to connect from Windoze 7 clients with varying levels of success. All the clients are configured the same way. Sometimes they connect immediately, sometimes they don't.

Can't be 100% certain but I also have a Leopard server as my desktop system and I've configured L2TP/IPsec on that as a backup VPN server and it seems to be more reliable than the Snow Leopard one.

I'm not talking about loads of users here, less than 10.

Jan 30, 2011 1:21 AM in response to Dylan Neild

I have a similar problem.

Slow Leopard Mini server behind a firewall running both L2TP and PPTP.

At home Macs and iPhones connect to the VPN without problem over L2TP.

Windows XP and Vista fail to connect over L2TP, they report server not responding, and no trace on the server side, like they did not reach it at all.

If I use PPTP both the Macs and the Windows machines manage to connect but are disconnected after a few seconds. The trace on the server side is:

2011-01-30 09:15:36 WET Incoming call... Address given to client = XXXXXXXXXXXX
Sun Jan 30 09:15:36 2011 : Directory Services Authentication plugin initialized
Sun Jan 30 09:15:36 2011 : Directory Services Authorization plugin initialized
Sun Jan 30 09:15:36 2011 : PPTP incoming call in progress from 'XXXXXXXXXXXXXXXX..
Sun Jan 30 09:15:36 2011 : PPTP connection established.
Sun Jan 30 09:15:36 2011 : using link 0
Sun Jan 30 09:15:36 2011 : Using interface ppp0
Sun Jan 30 09:15:36 2011 : Connect: ppp0 <--> socket[34:17]
Sun Jan 30 09:15:36 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:39 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:42 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:45 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:48 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:51 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:54 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:57 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:16:00 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:16:03 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:16:06 2011 : LCP: timeout sending Config-Requests
Sun Jan 30 09:16:06 2011 : Connection terminated.
Sun Jan 30 09:16:06 2011 : PPTP disconnecting...
Sun Jan 30 09:16:06 2011 : PPTP disconnected
2011-01-30 09:16:06 WET --> Client with address = XXXXXXXXXXXXX has hungup


The bottom line is that I cannot connect with windows machines at all and with Macs only over L2TP. This was tested with all the client machines behind the same router.

Any ideas would be appreciated.

J

Message was edited by: Joaquim Carvalho
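
Added example, not part of the original post: a Python check that reads a pppd trace like the one above and reports whether any LCP packet was ever received. In PPTP the control connection runs over TCP 1723 while PPP frames travel in GRE, so a trace with retransmitted `sent` ConfReqs and no `rcvd` lines is consistent with GRE not reaching the server. The function name and verdict strings are made up for this example.

```python
import re

# Excerpt of the server trace from the post above: three of the ten identical
# retransmissions are kept, the lines themselves are unchanged.
TRACE = """\
Sun Jan 30 09:15:36 2011 : PPTP connection established.
Sun Jan 30 09:15:36 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:39 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:15:42 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x204e609e> <pcomp> <accomp>]
Sun Jan 30 09:16:06 2011 : LCP: timeout sending Config-Requests
Sun Jan 30 09:16:06 2011 : Connection terminated.
"""

# pppd logs packets as "sent [PROTO Code id=0x..." or "rcvd [PROTO Code id=0x...".
PKT = re.compile(r" : (sent|rcvd) \[(\w+) (\w+) id=(0x[0-9a-fA-F]+)")

def classify_pptp_trace(trace):
    """Summarise LCP traffic in a pppd trace and give a coarse verdict."""
    control_up = "PPTP connection established" in trace
    timed_out = "LCP: timeout sending Config-Requests" in trace
    sent_ids, rcvd = [], 0
    for line in trace.splitlines():
        m = PKT.search(line)
        if not m or m.group(2) != "LCP":
            continue
        direction, _, code, ident = m.groups()
        if direction == "sent" and code == "ConfReq":
            sent_ids.append(ident)
        elif direction == "rcvd":
            rcvd += 1
    if rcvd:
        verdict = "LCP packets received; failure is later in negotiation"
    elif control_up and sent_ids and timed_out:
        verdict = "control channel up, no PPP frames received (check GRE forwarding)"
    else:
        verdict = "inconclusive"
    return {"sent": len(sent_ids), "same_id": len(set(sent_ids)) == 1,
            "rcvd": rcvd, "verdict": verdict}

if __name__ == "__main__":
    print(classify_pptp_trace(TRACE))
```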

Feb 18, 2011 3:55 PM in response to Sean Flynn

I've successfully used the VPN service in 10.5.x server for Win XP.

There are no major shifts with 10.6 server that would cause it to stop working.

Some key things: If it's working for Mac clients then that's a good start. Many many home-grade "routers" do not (are not capable of) properly forwarding VPN traffic.

Don't use PPTP; it's the VPN equivalent of WEP and should not be used for secure(d) connections.

Next, the problem you're seeing is probably due to a default TCP setting in Win Vista and later that can & does cause problems with some network equipment.
As one article about this known issue, see:

http://8help.osu.edu/3253.html

http://www.google.com/search?q=Windows7+TCP+WindowScaling

Try:

netsh interface tcp set global autotuninglevel=restricted

Or

netsh interface tcp set global autotuninglevel=disabled

Feb 18, 2011 4:07 PM in response to davidh

Giving your suggestions a try. Just a heads up, even if you're admin user on Win7 host, you need to try to run cmd as Administrator. This requires some special Microsoft Foo.
http://www.howtogeek.com/howto/windows-vista/run-a-command-as-administrator-from-the-windows-vista-run-box/

Summarized: in 'Run' field type cmd, and do control-shift-enter. You'll be in as if you are root.

Feb 18, 2011 8:32 PM in response to Dylan Neild

@Sean Flynn and davidh,

The problems you are describing are NOT the problems this thread describes in the original post.

Again, Windows 7 will connect to VPN perfectly fine 1 time. I can use that 1 connection as much as I want perfectly fine.

Once I disconnect, all bets are off. In my case, Windows 7 will not reconnect to the VPN server at all. No log, no information of any kind on either end (well, actually Windows shows the usual useless generic error message after a timeout period).

If I restart the VPN server OR if I wait several hours, then the cycle restarts, and I can connect 1 time.

The behavior has nothing to do with firewalls, and I see it even on the same LAN with only a hub in between.
