PPTP server not listening on port 1723
I am having a strange problem with the built-in PPTP server in Windows 8.1. Every time that the machine is started with a cold boot, I can't connect to the VPN. I run netstat -ano, and confirm that it is not listening on TCP port 1723. It is not listed at all, so it doesn't seem to be used by another app. RRAS is running, and restarting the service does not change anything. Additionally, the "Incoming Connections" in present in the adapters page, and all the settings are correct.

However, the issue is temporarily fixed by doing a restart. After a warm boot, the server is listening on port 1723, and I can connect to it with an outside client. This rules out all network and firewall issues on the server side, and all other issues on the client side.

From my testing, it seems that if the server machine is shut down, and started from a cold boot (even after just a couple of minutes), it never listens on port 1723. I have tried setting RRAS to delayed start without success. But so far, it always listens on port 1723 after a warm boot (restarting).

Does anyone have any ideas on why this is happening? Are there any diagnostic tools that I can use to pinpoint the problem? Thanks in advance for your suggestions!
November 10th, 2014 7:30pm

PPTP uses IP   protocol 47, designed for "General Routing Encapsulation" or GRE packets. A common mistake in configuring firewalls for use with PPTP is to open PPTP port 1723 (allowing connections to be established) but forget to forward GRE protocol type 47 (denying port data from passing through the tunnel).

HTH

Milos

Free Windows Admin Tool Kit Click here and download it now
November 10th, 2014 8:50pm

Hi Milos,

As I mentioned above, after a restart (warm boot), the server machine listens on TCP port 1723, and I am able to connect it to with an external client. This is not a router configuration issue. IP Protocal 47 (GRE) and is open on the router, and TCP port 1723 is correctly forwarded. Additionally, both GRE and TCP 1723 is open in Windows Firewall.

If this was a router or firewall issue, then I would never be able to connect to the server. Instead, the issue is the fact that the server machine is NOT listening to TCP port 1723 on initial startup from a cold boot. Once I do a restart, then it starts listening on 1723, and I am able to connect. This rules out all potential router or firewall issues. What I need to figure out is why the server is not listening on initial startup, but will listen after a reboot.

November 10th, 2014 11:10pm

Hi  tenderchkn,

Have you made any change before this issue?

Please open the event viewer and check if there are any related error log. For more information about the event log, please refer to the following article. This link is about event viewer in windows 7, and it is similar in windows 8.1 .
http://windows.microsoft.com/en-us/windows/open-event-viewer#1TC=windows-7


Best regards,
Fangzhou CHEN

Free Windows Admin Tool Kit Click here and download it now
November 11th, 2014 11:07am

Hi Fangzhou,

Thanks for your suggestion to look at the event viewer. I tracked down the error, which is:

"Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. The request is not supported." Event ID is 20063. Are there any solutions? Why does this error only occur from a cold boot, but not after a restart? This was not an issue with Windows 7.

EDIT: Actually, the error also shows up after doing a restart (when the server is working). The error is logged every time the RRAS is started or restarted, but isn't what is causing the problem. This is the only Remote Access related error. What else should I look at?

EDIT 2: I did some more testing, and found something interesting. I tried setting "Routing and Remote Access" to Manual. After a restart, RRAS does not start by itself. I can manually start it, and the server will start listening on port 1723 (and I can connect with an external client). From a cold boot, RRAS does start by itself (even though it is set to manual), and the server machine does not listen on port 1723. Stopping and restarting RRAS does not change anything.

I tried setting RRAS to disabled, and starting from a cold boot. After I enable it and manually start the service, the server works (listens on 1723, and I can connect). This seems like some other service is controlling RRAS when doing a cold boot, and causing problems. Is there a way to find out what services RRAS is a dependency of, and which one is starting it up?


  • Edited by tenderchkn Wednesday, November 12, 2014 4:27 AM
November 12th, 2014 3:03am

it is strange, use the clean boot to exclude the function of third-party app

http://support2.microsoft.com/kb/929135/en-us

Free Windows Admin Tool Kit Click here and download it now
November 17th, 2014 6:03pm

In Windows 10 I found out, that similar problem can be solved by disabling Fast startup checkbox in Power options - Power button options.
September 6th, 2015 12:22pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics