D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: cakemonitor on February 03, 2014, 03:32:26 AM

Title: Site-to-site VPN issue
Post by: cakemonitor on February 03, 2014, 03:32:26 AM

Hi,

I've recently started working with a company who have a D-Link DFL-260E in the office and it connects to an off-site rackspace server running Windows Server 2012 R2. Another employee who left before I joined the company had configured an always-on site-to-site vpn to connect the two; most of the time it works fine but occasionally (once or twice a month) the link fails. I've been left workaround instructions on how to reinstate the link each time it fails [log on to the Windows server via its public IP, delete the route, restart the Routing and Remote Access service, re-add the route].

I appreciate that it might be a Windows problem and not a D-Link issue, but with the routing expertise on this forum I hoped someone would be able to advise how I can track down the cause of the fault.

The D-Link router has VPN Objects configured in its Address Book as follows:

• VPNServer - <public IP address of remote server>
• VPNNetwork - 172.16.5.0/24

A route has been set up on the D-Link as follows:

• Tunnel Protocol - PPTP
• Remote Endpoint - VPNServer
• Remote Network - VPNNetwork
• Authentication - <service account on Windows Server>

The D-Link also has a LAN interface defined and acts as a DHCP server for the office PCs on subnet: 172.16.3.0/24

On the Windows server, Routing and Remote Access is set up to enable the computer as a IPv4 router (LAN and demand-dial routing) and as an IPv4 Remote access server; authentication and accounting is provided by Windows; and on the IPv4 tab Forwarding is enabled with a static pool from 172.16.5.1 to 172.16.5.2

I've had a look in the %windir\tracing logs, but there was very little info there. I also checked the Windows event logs and found the following logged multiple times under the 'RemoteAccess' source:

• EventID 20253 - Error: The user <s2s-service-account> connected to port VPN3-126 has been disconnected because no network protocols were successfully negotiated.
• EventID 20167 - Warning: No IP address is available to hand out to the dial-in client.
• EventID 20271 - Warning: The user <various> connected from <changing IPs> but failed an authentication attempt...

The first two seem very relevant?!
(And I assume the latter is people trying to brute-force a connection by guessing credentials and I suppose there's not a lot I can do about that.)

Is there anywhere else I can look for further info in diagnosing this problem?

Can anyone recommend a fix?

Thanks for any help / advice you can offer.

Title: Re: Site-to-site VPN issue
Post by: FurryNutz on March 03, 2014, 09:53:39 AM

I recommend that you phone contact your regional D-Link support office and get immediate help and information on this.