Hello.
We currently have two SGS360 gateways, these gateways have two WAN ports - each of which is connected to a DSL modem. Each modem is connected to a different ISP (two on one ISP and two on another). All four modems have static IP addresses assigned to us by our ISP(s). Both of the SGS360's have live update enabled and are currently running firmware version 2.1.0 Build 922.
Holes have been punched in the firewalls to allow WEB, SMTP and PPTP traffic through and forward them to the appropriate server on the LAN side - port forwarding of WEB and SMTP work fine, PPTP however only works reliably through WAN 1 of each gateway - attemps to connect via windows VPN client to a Windows 2000 server RRAS on the other side through WAN 2 times out with Error 721....it gets to the verifying username and password stage and just sits there for 30 seconds or so.
I've captured packets during both connection attempts and the only thing I can see is that over WAN 1 our RRAS server sends CHAP Challenges to the client which duly responds with a CHAP response, on WAN 2 however these CHAP packets are either not being generated or are not been forwarded correctly. There is also a series of LCP Configuration requests sent from the client and a series of LCP Configuration NAK's sent back from the server. This is repeated for the WAN1 except for the inclusion of the CHAP packets!
Symantec have assured me that there gateways can and do forward/allow IP protocol GRE through and this would be indicated with the successfull connections via WAN 1. We have four ADSL modems 2 of which are the same and two of which are different; the models are listed below;
Gateway 1 WAN 1: Zytel Prestige 650H
Gateway 1 WAN 2: USRobotics SureConnect ADSL modem
Gateway 2 WAN 1: Zytel Prestige 650H
Gateway 2 WAN 2: DLINK DSL 504T
On occasion WAN 2 does allow PPTP but this is a 1/20 chance and is no-where near as reliable as required.
I've been looking at this problem for a couple of weeks now and its driving me mad, I'm hoping one of you guru's can give us a hand - thanks in advance.
euskills
We currently have two SGS360 gateways, these gateways have two WAN ports - each of which is connected to a DSL modem. Each modem is connected to a different ISP (two on one ISP and two on another). All four modems have static IP addresses assigned to us by our ISP(s). Both of the SGS360's have live update enabled and are currently running firmware version 2.1.0 Build 922.
Holes have been punched in the firewalls to allow WEB, SMTP and PPTP traffic through and forward them to the appropriate server on the LAN side - port forwarding of WEB and SMTP work fine, PPTP however only works reliably through WAN 1 of each gateway - attemps to connect via windows VPN client to a Windows 2000 server RRAS on the other side through WAN 2 times out with Error 721....it gets to the verifying username and password stage and just sits there for 30 seconds or so.
I've captured packets during both connection attempts and the only thing I can see is that over WAN 1 our RRAS server sends CHAP Challenges to the client which duly responds with a CHAP response, on WAN 2 however these CHAP packets are either not being generated or are not been forwarded correctly. There is also a series of LCP Configuration requests sent from the client and a series of LCP Configuration NAK's sent back from the server. This is repeated for the WAN1 except for the inclusion of the CHAP packets!
Symantec have assured me that there gateways can and do forward/allow IP protocol GRE through and this would be indicated with the successfull connections via WAN 1. We have four ADSL modems 2 of which are the same and two of which are different; the models are listed below;
Gateway 1 WAN 1: Zytel Prestige 650H
Gateway 1 WAN 2: USRobotics SureConnect ADSL modem
Gateway 2 WAN 1: Zytel Prestige 650H
Gateway 2 WAN 2: DLINK DSL 504T
On occasion WAN 2 does allow PPTP but this is a 1/20 chance and is no-where near as reliable as required.
I've been looking at this problem for a couple of weeks now and its driving me mad, I'm hoping one of you guru's can give us a hand - thanks in advance.
euskills
