LnS problem with vpn on dial-up connection

Discussion in 'LnS English Forum' started by johngross, Oct 28, 2007.

Thread Status:
Not open for further replies.
  1. johngross

    johngross Registered Member

    Joined:
    Sep 12, 2007
    Posts:
    10
    Hi all,

    We have been using LnS for a few months now and I like it very much - at least I can make more sense of it than the Win XP personal firewall (I think!).

    Recently, our office IT people decided to integrate all in-house computers on a single server, so that we have to use Outlook 2003 to access email via Microsoft Exchange 2003. This works fine at the office, and at home we can access it using a VPN over a broadband internet connection, which also works OK on a laptop running Win XP SP2 (not completely up-to-date with the latest updates).

    Trouble is, we need to travel often to places where broadband is not available - which means we have to either use Outlook Web Access (works OK, but it means we have to stay on-line - in an internet cafe or on a slow dial-up connection - for the whole time needed to read and respond to rather large numbers of emails, many with large attachments) or - hopefully - set up a VPN access via dial-up (so that we can download mail "relatively" quickly, then go offline to read and respond to it... which is by far our preferred solution.

    By repeated testing, I have established the following:

    a) the VPN works OK on a broadband connection with LnS as firewall

    b) it works on a dial-up connection with no firewall at all (horrible thought!) or with the XP built-in firewall

    c) with LnS as firewall, on the dial-up connection, Outlook 2003 "hangs" for minutes showing "Trying to connect..." and finally fails and disconnects, sometimes with an error box saying something like "Error 0x8004011D: the server is not available".

    Our IT people have told me I need to tell LnS to allow GRE protocol 47, and to open port 1723. Both of these I think I have done, but I'm very puzzled why it works on broadband but not on dial-up... especially as a "ShieldsUP!" test from grc.com shows port 1723 as closed, both on broadband and dial-up!

    I've searched this forum for "VPN" and "dial-up", but haven't found anything that looks relevant; I've also used Google Group searches without much success. The closest I've seen to my problem are a few posts that seem to show the *opposite* problem: namely, VPN working on dial-up but not on broadband!

    Can anyone *please* help me? We leave for the US on Sunday for nearly two weeks, and I'm scared stiff of trying to access email without a firewall... and the only alternative (OWA) would be such a nuisance.

    Thanks in advance.

    johngross
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi johngross,

    On case b), was Look 'n' Stop installed but not running ? or completely uninstalled ?

    If it was uninstalled, could you perform a test with Look 'n' Stop running but not installed ?
    If this works, it is simply a configuration issue, we will investigate further.
    If it doesn't work, I'm afraid there is a conflict somewhere with the VPN, Look 'n' Stop and the DialupConnection...

    Frederic
     
  3. johngross

    johngross Registered Member

    Joined:
    Sep 12, 2007
    Posts:
    10
    Hi Frederic,

    LnS was installed but not running.

    I assume you mean "test with LnS installed but not running"... which it was.

    It looks like the former, doesn't it?

    Regards,
    johngross
     
  4. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi johngross,

    So the different possibilities are:
    1- the problem comes from the Application filtering
    or
    2- the problem comes from the Internet filtering and it is a problem of adapter selection in the options
    or
    3- the problem comes from the Internet filtering and it is a rule issue

    Probably it will come from Internet filtering, but could you test case c) with only the internet filtering enabled (or only the application filtering enabled).

    For 2-: just check what is the selected adapter in the options and check what is the IP displayed in the welcome page. They should be the adapter and IP of your primary internet connection, not the IP you get on the VPN.

    For 3-: do you have special alerts in the log when you detect the problem ? (check that the ! is set for all blocking rules).

    Thanks,

    Frederic
     
Thread Status:
Not open for further replies.