PPtP through Linksys BEFSR41

PPtP through Linksys BEFSR41

Post by Rodney Som » Wed, 24 Dec 2003 06:24:33


I am trying to get my Macintosh Titanium PowerBook 1Ghz running Mac OS
X 10.3.2 to connect through a Linksys BEFSR41 router to my corporate
VPN via PPtP. If I connect the computer directly to the cable modem,
everything works fine. When I put the computer behind the router, I get
to the negotiation phase of the connection, right before
authentication, then get a communication error messages.

I have tried:

- Disabling firewall on the computer
- Enable PPtP pass through on the router
- Enable IPSec pass through on the router
- Unblocking WAN requests on the router (shouldn't be necessary, I
believe)
- Enabling MTU with a size of 1400 (what Linksys support said to use
for Comcast cable modem)
- Updating the firmware on the router to the latest (it was actually
already at the latest when I started this)
- Following an article from the Linksys support section which described
configuring port triggering on ports 47, 1723, and 500 (seems to use
port 50 as well, thought the article doesn't specifically say so)
- Putting the computer into the router's DMZ, so that in theory it
shouldn't be blocking anything coming to the computers

Linksys support seems clueless, though the do know that they have an
option to enable PPtP pass through. Beyond that, one person sent me off
to find out what port PPtP was using - shouldn't they know that it is
using port 1723? The next person referred me to an article at
www.extremetech.com that refers to using this router to set up a PPtP
server. The info in that article doesn't seem to apply.

Does anyone have any suggestions? Do I need to simply get rid of this
router and try one from some other company or a different Linksys
router?

Thanks,

-Rodney
 
 
 

PPtP through Linksys BEFSR41

Post by ppointe » Wed, 24 Dec 2003 06:53:37


Nothing wrong with that router -- I just stopped using one a month ago,
though successfully for over a year with PPTP. Anyway, Linksys support
is spotty unless you get a really knowledgeable rep.

You've already done more than was needed, but one important thing you
have not yet tried. Please change your default LAN address to something
other than 192.168.1.x, or whatever it is. In my case, that caused
colliding IP addresses when I connected to our corporate site, because
the default LAN addresses there had the same first three octets. I
changed my router default LAN to 192.168.2.1, and the VPN immediately
started to work correctly.

The only change I can see on your list that you still need is to keep
port 1723 open. Forget that garbage about ports 47, 50, and 500. Let
the MTU setting go back to default. The DMZ junk is only useful for
testing to eliminate possible other causes. I use ZoneAlarm on my
computers, so you should be able to re-enable the firewall on your Mac.
And you do not need to enable IPSec pass through. Let us know how it
goes.

 
 
 

PPtP through Linksys BEFSR41

Post by Rodney Som » Wed, 24 Dec 2003 07:30:41

In article <BJJFb.34539$ XXXX@XXXXX.COM >,




You definitely won't find me arguing in for them at this point. ;-p

In any case, it gets a bit stranger... I set up PPtP on my PC as a
test. It manages to connect to the corporate VPN through the router
with no problem. This tells me that the issue is between Mac OS 10 and
the router. The strange thing is that I can connect when the router
isn't in place. I can't figure out what the issue would be.


It makes sense that this could be a problem, but as mentioned above, I
can connect via the PC with no problem. I tried changing my router IP
address as mentioned and reset the router with no effect.


I see in the outgoing access log that a request from this computer is
accessing port 1723. I don't have this port filtered in any way. Again,
the fact that I can connect from the PC would argue for me that it is
open.


I didn't think so, but it was suggested by Linksys and certainly won't
hurt anything as far as I can tell. If I ever decide to use the Nortel
VPN client that my company makes available for PC users, I will need
IPSec pass through, so I will just go ahead and leave it enabled.

Thanks for the help so far. Any other suggestions?

-Rodney
 
 
 

PPtP through Linksys BEFSR41

Post by ppointe » Wed, 24 Dec 2003 13:22:22


All my Mac experience is too old to be useful. I finally carried my SE
down to the ba *** t just two months ago. I had been using it to pay
bills online since 1990, but the service kicked me to their internet
portal. Not much else to do with a machine that has a 20 MB hard drive,
system 7, and no network card. I might be able to sell it for $5 on ebay.

You should probably not assume that just because you can connect the VPN
with your PC that everything is working. Verify the functionality by
utilizing a network device, such as a share, a printer, Terminal
Services, Exchange, any one thing like that. Get one of those things to
work via PPTP and I'll agree the problem is with the Mac OS configuration.

Assuming you've isolated the problem to the Mac, you may have to jump to
another ng. I see very few Mac threads pop up on this ng...