how do i configure my VPN?

Discussion in 'Windows' started by Thona, Jun 28, 2008.

Thread Status:
Not open for further replies.
  1. Thona

    Joined:
    Aug 10, 2007
    Messages:
    54
    Likes Received:
    0
    Using your client over VPN does not work with the server name. In our case, I can not set "pbx.nettecture.local" on the client as server. If i resolve the ip address manually (i.e. in a command line, ping pbx.nettecture.local), it resolved. If I then enter the ip address - it connects.

    Something is wrong with the address resolution, obviously. The same issue happens with x-lite, so I am not sure it is your client or your server.
     
  2. alsoft

    Joined:
    Jun 27, 2008
    Messages:
    35
    Likes Received:
    0
    Re: No connection from client to pbx over VPN

    Do you use a DNS server?
     
  3. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    Re: No connection from client to pbx over VPN

    Thona, is this by chance the Windows PPTP VPN client connecting to a Windows Server RAS VPN?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    Re: No connection from client to pbx over VPN

    The reason I asked if it was Windows RAS and the PPTP client is that I had the same problem about a year ago (although not specifically with 3CX). This could be related to any number of things but a good place to start is to find out which DNS server is reporting that pbx.nettecture.local cannot be found on the client's computer. What's listed in your IP config (IPCONFIG /ALL) may not be the same. Perform an NSLOOKUP of pbx.nettecture.local and let us know. You might be surprised by the answer.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    Re: No connection from client to pbx over VPN

    Matt/Thona,

    At the command prompt window type NSLOOKUP and press ENTER. What is the name of the server that's listed as your default DNS server? Is it local or is it your ISP's DNS server. Obviously your ISP cannot resolve local domain names.

    If it is your local DNS server, try typing in the name of the 3CX server so see if you get the correct IP address.

    Here, my local dns (dns1.d2ts.local) responds and then correctly resolves my 3CX machines IP address (3cx1.d2ts.local).

    Code:
    C:\>nslookup
    Default Server:  dns1.d2ts.local
    Address:  192.168.180.1
    
    >3cx1.d2ts.local
    Server:  dns1.d2ts.local
    Address:  192.168.180.1
    
    Name:    3cx1.d2ts.local
    Address:  192.168.180.25
    
    >
    
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Thona

    Joined:
    Aug 10, 2007
    Messages:
    54
    Likes Received:
    0
    Re: No connection from client to pbx over VPN

    You guys are fast ;) I was travelling.

    Yea, it is oer Windows RRAS.

    I think the error is that while i enter the fully qualified host name incl. domain, it seems like the software internally just uses the host name further on, ignoring the given domain...

    ...and as the vpn does not make the domain the default extension, things break. This would definitly be a code error in one of the involved systems (pbx, client).

    Now, the point is: I can PING the phone server.

    ping pbx.nettecture.local

    WORKS.

    I use pbx.nettecture.local in the 3cx client, i expect this to work, too.

    It does not.

    Tunnels - I am not unimpresed by them, just I dont like YET ANOTHER hole in the firewall AND - for working I need to access internal systems anyway, so there is the VPN anyway.
     
  7. Nick Galea

    Nick Galea Site Admin

    Joined:
    Jun 6, 2006
    Messages:
    1,907
    Likes Received:
    201
    This is a network configuration issue, nothing to do with 3CX. We retrieve settings from Windows.

    Thona, i do wish you would not blame all your configuration errors on to 3CX right off the bat, as discussed previously.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Thona

    Joined:
    Aug 10, 2007
    Messages:
    54
    Likes Received:
    0
    You are right, it could be my issue.

    Escept I can access ANY OTHER SERVICE using the fully qualified DNS name.

    RDP to all server: working
    Access to websites in the company: working
    Acecss to file server: working

    3cx: not working.

    Now guess why I blame you.On top, so far my statistics is 100% for "I report bug, you are in denial, then you suddenly repro it and I was right". The same happend with the 64 bit client graphical issue - not reproable, not happening, my fault, then suddenly it became clear that your test case missed x64 vista sp1 and the whole thing was 100% reproable.

    Again:
    If I connect via VPN to the company, and can access ALL services using the fully qualified domain name (pbx.blablabla.local), then I somehow expect your software (client and server combined) to ALSO work.

    You mean the same configuration which is ok for all systems we use otherwise - RDP, Outlook, Internet Explorer, OCS is magically somehow not working for 3cx? This is either paranoid or wrong, but it is definitly not correct. The VPN works perfectly, just I have to use fully qualified domain names instead of only the host names. I do the same with the 3cx client or xlite - I get no connection.

    It is pretty obvious for me that for some reason possibly your server (as the same thing happens on xlite, too) is not giving out the proper info. Maybe you SEND at one point the host name ONLY, instead of the host name plus the domain, which causes clients to not find the server?

    Just because you retrieve settings from Windows does not say you do it right, and the support history as well as the data in my environment indicate you provide wrong information, possibly from the server.

    Because a real network issue would somehow not make all the other programs work, or? I should not be able to sue remote desktop, to browse internal websites, to connect to file servers and to use OCS, or?

    It definitly is NOT a missing DNS - that is fixed. We have the issue now on 4 workplaces.

    The people log into VPN.
    They open our CRM (intranet website based) using the fully qualified websit ename (i.e. http://crm.nettecture.local) - works
    They start xlite or 3cx client -> no connection
    They put the ip address into the 3cx client or xlite -> connect.

    if it is the DNS - why do they find the CRM? Why can they log into OCS using "ocs.nettecture.local" as name, which resolves? Why can I successfully PING (!) pbx.nettecture.local through the vpn?

    Please enlight me. DNS resolves, using fully qualified host names (including the domain) for all other things, and they work.

    Now, if you would tell me how to get a trace from that I would GLADLY excuse for accusing you of not supporting me etc., but so far - I just can tell you: this is your problem, not my network setup. All things indicate for it.

    Personally my bet would be that one of your systems (the server most likely) sends an endpoint to connect to to the client - and uses the host name here, INSTEAD of using the fully qualified name (host+domain). With the client (connected through VPN) not being in the same DNS default domain, this then deos not resolve.

    But this would not be a VPN configuration issue.

    DNS definitly is resolving correctly for the COMPLETE computer name. And I did enter the complete name with domain into the 3cx client. If you want I can make some screenshots.

    Is there a log I could make from the client?
     
  9. Thona

    Joined:
    Aug 10, 2007
    Messages:
    54
    Likes Received:
    0
    Hehe. Yeah.

    Anyone knows of a log of communication the client could write?

    I tried Wireshark, but I can not see the VPN connection there - and looking at the traffic of the physical interface is pretty useless (only shows me encrypted GRE packets).
     
  10. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    Thona,

    Can you browse to this machine in Windows Explorer using it's NETBIOS name (\\PBX\)?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.