I have to manage hundreds of VOIP PBXes, which I connect to via the Windows 7 PPTP VPN client. I've noticed that over time as I add more and more PPTP connections, the network system tray, as well as the Network & Sharing Center control panel becomes unresponsive. When trying to connect to a system, the network icon in the system tray may not respond to clicks for up to 3 or 4 minutes. Trying to connect via the icon in the Change Adapter Settings is equally unresponsive. I suspected that something may be getting corrupted when I add too many VPNs, so I tried to keep it down under 100. Even still, I noticed things starting to lag more and more. In the past, I've restored from an image, but I'd prefer to avoid that in the future. Any suggestions on how I can speed things up again?
-
1[Don't use Microsoft's PPTP implementation, it's insecure](https://www.schneier.com/pptp-faq.html). Also, managing hundreds of connections is a job for a connection management application, not... your system tray. – HopelessN00b Oct 29 '14 at 18:36
-
The PBXes have their own PPTP server implementation, I've only been using the MS PPTP client. Is their a better client you'd recommend? – pooter03 Oct 29 '14 at 18:46
-
Honestly, I only bother with IPSec, which is the way the industry is going, and has been going for quite some time. So.. no, I don't have a PPTP client I can recommend. – HopelessN00b Oct 29 '14 at 18:51
1 Answers
I'm not sure that Microsoft ever expected anybody to have that many PPTP (or, likely, any other type) of VPN connections configured. I'd be shocked if the product was tested with a configuration at that scale.
Here's a dodgy hack (that I don't, at all, feel proud of suggesting):
If the parameters for the VPN connections are identical, aside from the hostname, you could make a single PPTP connection profile with a "placeholder" hostname. Call it vpn.example.com. Then you could put together a script that:
- Prompts you for the VPN to connect to
- Modifies the
%SystemRoot%\System32\drivers\etc\hostsfile to reflect the proper IP address for the selected VPN as thevpn.example.comhostname
You could even add the rasdial command to that script to automatically "dial" the VPN connection, too.
If you needed multiple VPN connections running simultaneously you could have multiple scripts, placeholder hostnames, and connection profiles.
(I'm not proud at all for suggesting this...)
Realistically, you should probably be something better than PPTP for this. PPTP has security issues. The client, at the scale you're using it at, is clunky.
Do I have an idea for a good solution for you? No. I'd need to know a lot more about your environment to give you any suggestions.
- 141,071
- 19
- 191
- 328
-
Thanks. Unfortunately, I'm stuck with using PPTP as that is the only option this PBX offers (there are some other non-VPN options such as putting it behind a firewall and opening ports, but that creates other problems that aren't relevant at this time.) What I've been doing is changing the IP address when opening the client as needed, which is somewhat clunky, causes less harm than having a different client for every single IP. My main problem is how do I restore responsiveness to the Windows networking components? – pooter03 Oct 29 '14 at 23:35
-
I should also add that I've done some basic housekeeping chores I should have done awhile ago. I cleaned up a bunch of temp files, replaced Microsoft Security Essentials with something that isn't completely atrocious (I came across a forum post that suggested MSE could interfere with rasclient), etc. I'll see if that makes any difference tomorrow. – pooter03 Oct 29 '14 at 23:41