2
I like to work out of coffee shops on weekends as a way to relax. However, sometimes when exploring new spots, it's inexplicably difficult to make a VPN connection to my office. I'm not terribly skilled in reading the logging output from the diagnostics built in with windows when the windows VPN client fails, though--is there a different way to detect a situation when VPN is being disallowed?
bwerks
Posted 2011-07-20T10:32:30.803
Reputation: 1 363
3
One way to check is simply to use telnet to the port your VPN client needs. For example if you use a PPTP client, you would use port 1723 and this command from a command prompt:
telnet vpn.domain.com 1723
If the screen does something and just goes black, it works, but if it returns this error, you are out of luck...the port you need is blocked:
Connecting To vpn.domain.com...Could not open connection to the host, on port 1723: Connect failed
This is for Windows, it may be slightly different for Linux. You can ask your administrator what ports your specific type of VPN uses.
Of course, simply trying it is the easiest way since if it does not connect, chances are you can't fix the problem anyway.
KCotreau
Posted 2011-07-20T10:32:30.803
Reputation: 24 985
This isn't enough to test for a PPTP VPN, as IP Protocol 47 (GRE) also needs to be enabled, and this cannot be tested for in the same way. For IPSec, UDP ports 500 and 4500 along with IP Protocols 50 (ESP) and 51 (AH) are also required, again difficult to do a simple test for from the command line. – Mike Insch – 2011-07-20T12:12:31.070
@Mike Insch I was just giving an example (I wrote "for example). You would need to test the data port, in particular, which if that works, in most cases they are not blocking random ports. Yes, there are other things that could stop it, especially GRE. I am not suggesting that he try to test for every port that his VPN may use, but simply a general test. I also did say that the easiest way is simply to try it. – KCotreau – 2011-07-20T12:16:06.447