[SLAC: The Lab] Computer networking

Troubleshooting VPN Disconnects

Les Cottrell. Page created April 15, 2000. Last Update: April 14, 2000
SLAC Computer Services (SCS) | Network Group | Computer Networking
Related sites
SLAC Welcome
SLAC Detailed
SLAC Computing
Recent Outages
Recent Changes
Reporting Problems
We have been seeing problems with the VPN connection randomly disconnecting, the following gives some hints on troubleshooting hung VPN/PPTP connections and providing useful information. A more generic and complete guide to Troubleshooting PPTP on a Windows NT-based PPTP Client is also available. If the problem happens to you then the following information should be recorded and reported together with the problem to vpn-l@slac.stanford.edu.

Note the time & date of the disconnect. Is there any correlation with something you are doing at the time, e.g. a big file transfer or heavy network activity? What application were you using? What operating system are you using (e.g. Windows NT SP 5)? Does it always happen after a certain time (e.g. 20 minutes of inactivity)? After you lose the VPN connection does the green CD light on the Dial-up Networking Monitor window go out or is it still on even though the VPN session seems dead. If you go to the MSDOS window can you still ping your local gateway, can you ping the SLAC name server (134.79.16.9), can you ping 171.64.14.237 (www.stanford.edu) or 192.18.97.195 (www.sun.com)? If the green CD light is still on the Dial-up Networking Monitor window, when you ping do the TX & RX lights blink blue? After you disconnect from the VPN does the non VPN connection work OK or do you have to logoff/on first? Also are you on Pac Bell or Covad?

Below is some information (oriented to Windows NT) on how to get some of the information referred to above.

Note VPN Address of your Host

Note the VPN address of your host by double-clicking on the "Dial-up Network Monitoring" window.
This will bring up a window and you should note down the duration and check that the device errors are all 0. .
Click on Details and another window will pop up. In this window note down the IP Address (in this example 134.79.117.6) and the Dial-Up Server: address (in the example below 134.79.117.1).
.

Find out what you can connect to

Open up an MSDOS window and try pinging (see Troubleshooting PPTP on a Windows NT-based PPTP Client for information on ping responses) the Dial-Up server, the result should appear as:
.
If there is no response from the ping or it responds with Time-out messages then you have lost your connection to the VPN server.

Next see if you can ping your local DSL gateway. To find the address of your local gateway click on Start, choose Setting and click on Control Panel, double click on Network, click on the Protocols tab, and a Network window should appear (see below).

If the Point To Point Tunneling Protocol line appears then double click on the TCP/IP Protocol line and the Microsoft TCP/IP Properties window will appear 9see below) Note down the Default Gateway (in this example 171.66.199.89), and then go to the MSDOS window and try pinging the Default Gateway.

Check Timeouts

Next check your VPN settings for timeouts. Click on Start, choose settings, click on Control Panel, double click on Internet Properties, a window should pop up (see below).

Double click on the VPN settings (in the example labelled as SLAC VPN) and another window will pop up that appears as:

Click on the Advanced box and in the following window turn off the "Disconnect if idle" and "Disconnect when connection may no longer be needed" options.
[ Feedback ]