4

This has gotten to be a major problem at our company and depending on who I ask, the problem either does not really exist (mfr. and vendor) or is insoluble ( according to most users including techs who know how to prove their point). The problem involves getting a normal Windows 7 system to connect to a normal Server 2008 R2 Server over a cellular router (usually called a Mifi). A very few brands/models appear to work but the majority cannot make the connection. Since it is a cellular device, there are many variables that come into play and I wondered if anyone had ever found a consistent way to either make one work or else prove to the providers that their equipment was at fault. They all specifically state “VPN use” on the sales brochures. But few if any work. And those that do are not reliable.
From a standpoint of pure knowledge, I just wondered if anyone knew the real reason why they fail? Pptp, L2tp, IPsec doesn’t matter. I have not tried Shrew or OpenVPN and am using strictly MS Windows protocols. Plenty of Google Searches back up my complaints but none seem to be any closer to knowing "why" they fail, just that they do.
This is a "quest for knowledge"question. I don't expect a solution. Just a reason for the problem if anyone has any ideas.

questor
  • 41
  • 2
  • 1
    While I understand you are a Windows shop, my personal experience with OpenVPN indicates that it is far, far better then the others (pptp,lt2p,ipsec) and getting through firewalls. The standard port is just simple udp over 1194, but on my systems I have it setup to also try connecting through common alternate ports that are not likely to be filtered udp/53, tcp/80, tcp/443. It works great through a NAT compared to almost everything else. – Zoredache Sep 19 '12 at 01:00
  • 1
    Not to mention, over a mobile network, you're almost always on "carrier grade NAT" which completely trashes many VPN connections. – Michael Hampton Sep 19 '12 at 11:14

2 Answers2

1

As an example, I've used the Verizon MiFi devices (3G and 4G) on a MacBook Pro to connect to remote Netgear FVS318 and FVS318G (preferred) routers, using a program called IPSecuritas. In general, I've had excellent results.

For Windows, client software is available from Netgear to talk to a remote FVS318.

In general, I strongly prefer connecting to hardware VPNs. The initial setup is almost always a far worse headache, but once configured, they stay configured. With software VPNs, the problem is that both sides of the link are vulnerable to mayhem from operating system updates.

If you need to do deep troubleshooting on a VPN link, and don't mind getting your hands dirty, I suggest you become familiar with the program "Wireshark", which can be a huge help.

Matt Heck
  • 11
  • 1
0

You may want to see if this applies:

You cannot use an USB RNDIS device to connect to a 3G or 4G network in Windows 7 or in Windows Server 2008 R2
http://support.microsoft.com/kb/2719857

Greg Askew
  • 34,339
  • 3
  • 52
  • 81