1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Issues with QuickVPN client, grayed out connect button, etc

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by YeOldeStonecat, Mar 17, 2007.

  1. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    Getting kinda tired of it...boy..the PPTP VPN in the RV0 series is so rock solid. But the QuickVPN client...going through a few versions now..still needs some more time in the oven IMO.

    Fresh clean windows install, clean QuickVPN install, if you try to ping network resources..it times out. However..run a TCP tweak utility like the SG TCP Optimizer..and you can get replies if you ping.

    However...can't seem to get to print to printer resources (IP printers such as HP Jet Direct) on the LAN side. Yes file and print sharing set in the exceptions of the XP firewall.

    But my biggest gripe lately...since I've deployed a 50x QuickVPN user RV016 at a client...is that the QuickVPN client seems to randomly, across 30x various users, drop it's profile and have the "Connect" button grayed out. This is on a fleet of quick new IBM/Lenovo Thinkpad X40 and X60 series laptops...XPpro, clean, NOD32 antivirus, all windows updates, no 3rd party software firewalls, domain accounts are members of local admin group. Gotten so I keep a local copy of the QuickVPN client on their PC and walk them through uninstalling/reinstalling..and that holds them for a few weeks until it happens again. Anyone else having this issue?
     
  2. aviegas

    aviegas Network Guru Member

    If I understand correctly how QuickVPN works it's a combination of 3 "features", in a sort of "cut and paste" fashion:

    1) The core VPN stuff is handled by weird Windows IPSec implementation (using policies).

    2) The policy management is done with code adapted from a Windows VPN GUI by Marcus Müller (vpn.ebootis.de), that is responsible for creating and deleting the policies. It was originally designed to connect Windows 2000 (and later XP) to a FreeSwan VPN, that is the VPN stack used in the RV series.

    3) The initial authentication code is handled thru (S)HTTP, using WGET to interface with a web based service that provide the details for the tunnel.

    So, typically if QuickVPN starts to fail after sometime, there are (in my view) two possible problems:

    a) leftover policy - that can be checked with the policy management snap-in
    b) leftover/corrupt configuration file in the QuickVPN install directory.

    If you can check on of the "corrupted" machines, that will help.

    Please share your findings.
     
  3. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    I poked around on my home machine (which has never failed)...in the QuickVPN directory...I found a few .conf files..but none that seem to hold the "Profile" data.

    Dug around in the users profile under Docs and Settings figuring there might be a QuickVPN directory there also..but didn't find one.
     
  4. aviegas

    aviegas Network Guru Member

    Try checking the policies. I can't help you much here cause I migrate all my local systems to Windows Vista and I cannot run QuickVPN at this time..... but if I recall it correctly, you run "mmc", add a IPSec Policy Management snap-in and the list of current available policies should pop. On a normal system there should not be any policy.
     
  5. aviegas

    aviegas Network Guru Member

    It the button is grayed, try minimizing the application and pass the cursor over the tray icon. believe it or not, it will give you some clue why it's not working.
     
  6. aviegas

    aviegas Network Guru Member

    I'm doing some work with it to find a solution that will work under Vista and guess what... my test machine got the problem (grayed connect).

    I had a hunch about it: the "op.txt" file that has either a 0 or 1. Erase it, restart QuickVPN and the "connect" was back there.

    op.txt can be left in a "connected" status if QuickVPN was terminated abruptely, like a had to do, so this may be you problem too.

    Hope this helps.
     
  7. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    Interesting...I wonder if I can replicate that...shut down the PC while still connected or something?

    I cannot get it to fail on my own laptop, home PC, or office PC. But at least 25% of the nurse fleet at this client gets this issue frequently.
     
  8. aviegas

    aviegas Network Guru Member

    CTRL-ALT-DEL, go to the task manager and kill quickvpn.exe. That will leave the directory in a "inconsistent" state.
     
  9. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    Throwing in the towel here on using the QuickVPN client on larger deployments.

    I've done a couple of dozen RV0 router installs at clients...I find the router itself very reliable, stable, fast, PPTP is fantastic.

    But for the clients that need higher numbers of VPN access....the QuickVPN product has not been reliable for me. Just last week I encountered the VPN database corruption issue I had read about a few times in this forum....where the router pretty much doesn't accept incoming VPNs...giving error about incorrect user/pass. Requiring a factory reset and reprogramming of it. Simply not acceptable IMO.

    Currently looking at Juniper Netscreen, Sonicwall, or building my own SSL server...SSL Explorer, for this client.
     
  10. aviegas

    aviegas Network Guru Member

    Have you tried group VPN? The only problem is that all most clients will share the same PSK.
     
  11. ne1r

    ne1r Network Guru Member

    Any word when there may be QuickVPN with Vista compatibility?
     
  12. aviegas

    aviegas Network Guru Member

    So far nothing...
    As for my experiments, I've tried QuickVPN, group VPN and regular VPN using the Microsoft VPN code, that is what is used by QuickVPN. So far I can connect with regular (fixed IP) VPN and Group VPN, but can't ping. QuickVPN mode does not even connect.

    So I will stick to PPTP till this gets fixed.
     

Share This Page