VPN PPTP Issue on ISA 2006

2017-12-11T14:16:34+00:00 December 20th, 2011|Cloud, Windows|

We came across an issue recently , where VPN via PPTP all of a sudden stopped working after a reboot to the ISA Server.

Whenever we tried to VPN in we were getting error “800” messages on our client machines and if we did logging on the ISA we could see that our VPN attempts were just failing to connect and not actually getting denied by any rule.

image

We had a look in routing and remote access on the ISA server and checked what ports were open and we could see no PPTP ports showing at all which we would expect to see.

image

 

Also when we look at the RASMAN log (C:WindowsTracing) we could see quite a lot of errors relating failure to opening the VPN port.

[3840] 12-19 12:20:04:379: GetProtocolInfo..
[3840] 12-19 12:20:04:379: GetProtocolInfo: rc=0x0
[3840] 12-19 12:20:04:645: PortOpen (15). OpenInstances = (0)
[3840] 12-19 12:20:04:645: d:ntnetrrasrasrasmanrasmanrequest.c: 3077: port 15 state chg: prev=0, new=4
[3840] 12-19 12:20:04:645: PortOpen (15) : OpenInstances = 1
[3840] 12-19 12:20:04:645: PortOpen (16). OpenInstances = (0)
[3840] 12-19 12:20:04:645: d:ntnetrrasrasrasmanrasmanrequest.c: 3077: port 16 state chg: prev=0, new=4
[3840] 12-19 12:20:04:645: PortOpen (16) : OpenInstances = 1
[3840] 12-19 12:20:04:645: PortOpen (17). OpenInstances = (0)
[3840] 12-19 12:20:04:645: d:ntnetrrasrasrasmanrasmanrequest.c: 3077: port 17 state chg: prev=0, new=4
[3840] 12-19 12:20:04:645: PortOpen (17) : OpenInstances = 1
[3840] 12-19 12:20:04:645: PortOpen (18). OpenInstances = (0)
[3840] 12-19 12:20:04:645: d:ntnetrrasrasrasmanrasmanrequest.c: 3077: port 18 state chg: prev=0, new=4
[3840] 12-19 12:20:04:645: PortOpen (18) : OpenInstances = 1
[3840] 12-19 12:20:04:645: PortOpen (19). OpenInstances = (0)
[3840] 12-19 12:20:04:645: d:ntnetrrasrasrasmanrasmanrequest.c: 3077: port 19 state chg: prev=0, new=4
[3840] 12-19 12:20:04:645: PortOpen (19) : OpenInstances = 1
[3840] 12-19 12:20:04:645: PortOpen (35). OpenInstances = (0)
[3840] 12-19 12:20:04:645: PortOpen: failed to open port VPN9-4. 0x80000048
[3840] 12-19 12:20:04:645: PortOpen (36). OpenInstances = (0)
[3840] 12-19 12:20:04:660: PortOpen: failed to open port VPN9-3. 0x80000048
[3840] 12-19 12:20:04:660: PortOpen (37). OpenInstances = (0)
[3840] 12-19 12:20:04:660: PortOpen: failed to open port VPN9-2. 0x80000048
[3840] 12-19 12:20:04:660: PortOpen (38). OpenInstances = (0)
[3840] 12-19 12:20:04:660: PortOpen: failed to open port VPN9-1. 0x80000048
[3840] 12-19 12:20:04:660: PortOpen (39). OpenInstances = (0)
[3840] 12-19 12:20:04:660: PortOpen: failed to open port VPN9-0. 0x80000048

To resolve this issue we did the following on the ISA Server

  1. Open RegEdit
  2. Navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersReservedPorts
  3. Edit the Multi-String Value to have the following Value Data

image

 

Once the above was done and the server was rebooted the VPN kicked back into life and PPTP VPN ports displayed in Routing and Remote Access Smile

image