If you have the Pace 5268AC modem / router skip down below to see why you need to call AT&T and request a different model router.

Point-to-Point Tunneling Protocol (PPTP) uses TCP port 1723 and IP port 47 Generic Routing Encapsulation (GRE).  Setting up a PPTP client in windows is easy.

My first pass attempt at setting up a PPTP VPN server on my home network was with a Cisco RV100W.  Its interface was a bit clunky. I never got far enough to get enough clues to solve the real problem of the Pace 5268AC modem / router. 

In the next attempt I used a TP-Link TL-R600VPN.

I set up the following items 

  1. Router / Modem: Ports 1723 and 47 to allow the PPTP traffic in and out
  2. TP-R600VPN:  set WAN port to fixed 192.168.1.1 on the router / modem LAN
  3. TP-R600VPN: set the LAN on the Tp-Link to be 192.168.0.1 – this is so the NAT does not get confused. It is a bit annoying as it puts it on a subnet different from the modem and thus you can not dial in to it.
  4. TP-R600VPN:  did not yet turn on DDNS successfully.

After doing this I got a different error when I tried to dial into the VPN.   At this point I started to look at the log of the VPN client. In order to do this you tick the box on the MS PPTP client then you have to open up a computer management window per the instructions in the following page: 

PPTP Connection, where is the log file stored when "Enable Logging" is selected?

The log read as follows: 

CoId={51FF0292-D97E-48C8-86D5-D3A0743BB55D}: The user Smokey\freemonsandlewould has started dialing a VPN connection using a per-user connection profile named  xxxVPN Connection. The connection settings are: Dial-in User = Effingtoniii

CoId={51FF0292-D97E-48C8-86D5-D3A0743BB55D}: The user Smokey\freemonsandlewould is trying to establish a link to the Remote Access Server for the connection named xxxVPN Connection using the following device: 
Server address/Phone Number = xxx.xxx.xxx.xxx

CoId={51FF0292-D97E-48C8-86D5-D3A0743BB55D}: The user Smokey\freemonsandlewould has successfully established a link to the Remote Access Server using the following device: 
Server address/Phone Number = xxx.xxx.xxx.xxx
Device = WAN Miniport (PPTP)

CoId={51FF0292-D97E-48C8-86D5-D3A0743BB55D}: The link to the Remote Access Server has been established by user Smokey\freemonsandlewould.

CoId={51FF0292-D97E-48C8-86D5-D3A0743BB55D}: The user Smokey\freemonsandlewould dialed a connection named xxxVPN Connection which has terminated. The reason code returned on termination is 829.

At this point I could see that authentication had been successful and that there must be some sort of other issue.  The Error 829 (ERROR_LINK_FAILURE) suggests a physical layer issue where the link went down.

 


I tried to set up a PPTP server using two different models of router hung off of my Pace 5258AC router. Neither attempt worked. At this point I found a note:

How to configure VPN function on TP-LINK Routers – pdf

At this point I went searching on my Pace 5268AC router to set it to pass through PPTP.  With the following search

Google: pace 5268AC pptp vpn

I found the following pages stating that the Pace 5268AC does not do GRE on port 47 correctly and that many people had been stopped by this problem.

The problem is not in your config, but lies directly with AT&T

At this point I talked via chat on the AT&T Contact Us – Internet page to verify the issue still existed with the Pace 5268AC router.    This was confirmed and support is sending me a NVG599 modem / router to replace the Pace 5268AC.  Arrival time quoted as tomorrow and I will need to ship the old modem back to avoid a 150 USD equipment charge.

Research Links

 

Ancillary Research Links

 

 

 

 

 

 

 

 

 

 

 

Categories: ComputingVPN

Leave a Reply

Your email address will not be published. Required fields are marked *