Hi There - I am trying to connect one of my remote servers using windows server 2008 built in vpn software to my head office server (also running winsrv2008. But it continuosly hangs on "verifying username & password", and then fails with error 806. Ive checked both windows firewalls as we are not using anything else, pptp port 1723 & gre protocol 47 are allowed. Both routers have been set up to allow vpn pass through using pptp ( we are using pptp). Ive tried to telnet from the remote server and the telnet works fine, Ive also used pptpsrv.exe on the head office server and I can see the gre packets coming in everytime we try to connect, but still it hangs. Now the twist in the tale is, if I try to connect from my home laptop to the ho server it connects in seconds Can anyone help?

Hello, Try to bring your home laptop into work and see if it can connect. Just to eliminate that your ISP or router is not the problem.Miguel Fra / Falcon IT Services Computer & Network Support, Miami, FL Visit our Knowledgebase and Support Sharepoint Site

Hi - I cant go there with my laptop because the remote site is about 6 hours away, so what I did was logged onto one of the pc's inside the remote lan and connected a vpn directly from that pc to the HO server and it worked without any problems. I have called the ISP in the past about blocking GRE packets but they claim not to be blocking anything. Anyway its definitely something on the remote server itself because everywhere else even the lan behind the remote server connects just fine?

Hi Cathyb569, Thanks for posting here. If we have no problem to dial in that server form its internal network , it indicates that we may have issues on these edge devices . maybe on local or remote site. So far, the suggestion is to double check the firewall and mapping settings on both sites with following the introductions in the link below: 4) Error Code: 806 Error Description: 806: The VPN connection between your computer and the VPN server could not be completed. The most common cause for this failure is that at least one Internet device (for example, a firewall or a router) between your computer and the VPN server is not configured to allow Generic Routing Encapsulation (GRE) protocol packets. If the problem persists, contact your network administrator or Internet Service Provider. Possible Cause: PPTP uses GRE (Generic Route Encapsulation) protocol to encapsulate the VPN payload in a secure manner.This error generally comes when some firewall in path between client and server blocks GRE Protocol (i.e. IP protocol number 47). Possible Solution: Allow both outgoing and incoming Protocol 47 (GRE) on any in between firewalls. If that is not possible, deploy SSTP based VPN tunnel on both VPN server and VPN client – that allows VPN connection across firewalls, web proxies and NAT. Troubleshooting common VPN related errors http://blogs.technet.com/b/rrasblog/archive/2009/08/12/troubleshooting-common-vpn-related-errors.aspx Thanks. Tiger Li Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Tiger I have tried all of what you have suggested previously but nothing seemed to work. Also just to clarify the vpn must go from remote server to ho server and when i vpn from a pc inside the lan on remote server it works fine this would not indicate to me that there is a problem on any edge device? In any case I had already checked to make sure port 1723 was open and allowed GRE on both firewalls but still nothing. The strange thing is for the past few days it has been working but now its stopped again?? I think your solution to setup an sstp vpn may work but I need some help with that because I have never set one up before please could you send me instructions or a link to instructions on how to do this? Thanks for all your help

Hi, You said you checked both Windows firewalls. The remote server has port 1723 outbound open on the win firewall? What type of edge devices are at both sites? Can you use them to configure a VPN between the two sites?Miguel Fra / Falcon IT Services Computer & Network Support, Miami, FL Visit our Knowledgebase and Support Sharepoint Site

Hi - Yes, 1723 is open both inbound and outbound. The router on the ho server is a 3com 11g firewall router and on the remote site its a Wireless N ADSL2+ Modem Router

Is the Server logs giving you any clues? How about the client log?Miguel Fra / Falcon IT Services Computer & Network Support, Miami, FL Visit our Knowledgebase and Support Sharepoint Site

There is nothing in the event viewer??

do you think its possible that the vpn could be failing simply because of a timeout period? The internet connection to HO can be very bad a lot of the time, the network stability here is not very good? Is their anyway to change this option??

Hi Guys - im still having the same problem, can anyone help? Thanks