Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Windows Server General Help » Telnet to client over PPTP?
Telnet to client over PPTP? [message #164043] Fri, 12 June 2009 15:36 Go to next message
ever90321  is currently offline ever90321  United States
Messages: 26
Registered: June 2009
Junior Member
Hi,

Would somebody tell me if there's a setting or other technical issue
that prevents telnet connections into computers connected to an office
LAN through PPTP? The clients are using WinXP SP2 or SP3, and
connecting remotely using the built-in VPN client. The server is
Windows Server 2003 SP2, running the standard "Routing and Remote
Access" server. This has apparently been a longstanding issue at my
company, but I just started noticing it recently, as we hire more
remote users. It's affecting things like our network virus checker.
For example, it operates over certain client and server ports. I can
telnet to a server port from the client, but cannot do the reverse.
For another test, I started the Windows Telnet server on the remote
machine, and was also unable to connect. In both cases, the port was
opened in Windows Firewall. (I also tried stopping the firewall
service.) This affects every computer connecting on PPTP, not just a
few.

What bothers me is that after a bunch of web searches, I've found
basically zero other complaints. This gives me the impression that
either a) nobody telnets to remote machines, b) nobody expects to
telnet to remote machines, or c) the fix is extremely simple. Any
suggestions?

Thanks,
Todd
Re: Telnet to client over PPTP? [message #164044 is a reply to message #164043] Fri, 12 June 2009 15:42 Go to previous messageGo to next message
crisnospamhanna  is currently offline crisnospamhanna  United States
Messages: 711
Registered: July 2009
Senior Member
This is most likely a firewall issue at the client end

--
Cris Hanna [SBS - MVP]
Co-Contributor, Windows Small Business Server 2008 Unleashed
http://www.amazon.com/Windows-Small-Business-Server-Unleashe d/dp/0672329573/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid= 1217269967&sr=8-1
Owner, CPU Services, Belleville, IL
A Microsoft Registered Partner
------------------------------------
MVPs do not work for Microsoft
Please do not submit questions directly to me.

<ever90321@mypacks.net> wrote in message news:f319d3f6-380a-4760-b050-73f979a5be32@o21g2000prn.googlegroups.com...
Hi,

Would somebody tell me if there's a setting or other technical issue
that prevents telnet connections into computers connected to an office
LAN through PPTP? The clients are using WinXP SP2 or SP3, and
connecting remotely using the built-in VPN client. The server is
Windows Server 2003 SP2, running the standard "Routing and Remote
Access" server. This has apparently been a longstanding issue at my
company, but I just started noticing it recently, as we hire more
remote users. It's affecting things like our network virus checker.
For example, it operates over certain client and server ports. I can
telnet to a server port from the client, but cannot do the reverse.
For another test, I started the Windows Telnet server on the remote
machine, and was also unable to connect. In both cases, the port was
opened in Windows Firewall. (I also tried stopping the firewall
service.) This affects every computer connecting on PPTP, not just a
few.

What bothers me is that after a bunch of web searches, I've found
basically zero other complaints. This gives me the impression that
either a) nobody telnets to remote machines, b) nobody expects to
telnet to remote machines, or c) the fix is extremely simple. Any
suggestions?

Thanks,
Todd
--
Re: Telnet to client over PPTP? [message #164047 is a reply to message #164043] Fri, 12 June 2009 16:37 Go to previous messageGo to next message
Joe  is currently offline Joe  United Kingdom
Messages: 353
Registered: July 2009
Senior Member
ever90321@mypacks.net wrote:
> Hi,
>
> Would somebody tell me if there's a setting or other technical issue
> that prevents telnet connections into computers connected to an office
> LAN through PPTP? The clients are using WinXP SP2 or SP3, and
> connecting remotely using the built-in VPN client. The server is
> Windows Server 2003 SP2, running the standard "Routing and Remote
> Access" server. This has apparently been a longstanding issue at my
> company, but I just started noticing it recently, as we hire more
> remote users. It's affecting things like our network virus checker.
> For example, it operates over certain client and server ports. I can
> telnet to a server port from the client, but cannot do the reverse.
> For another test, I started the Windows Telnet server on the remote
> machine, and was also unable to connect. In both cases, the port was
> opened in Windows Firewall. (I also tried stopping the firewall
> service.) This affects every computer connecting on PPTP, not just a
> few.
>
> What bothers me is that after a bunch of web searches, I've found
> basically zero other complaints. This gives me the impression that
> either a) nobody telnets to remote machines, b) nobody expects to
> telnet to remote machines, or c) the fix is extremely simple. Any
> suggestions?
>

a) and b) are correct. c) may or may not be. What services would a
client be running that could be usefully accessed from the server by
telnet? You know the risks you run in allowing VPN connections from
unknown machines, and I wouldn't have thought that any useful kind of
security auditing could be done across the link.

When you say you are trying to connect to a client, how *exactly* are
you trying to connect? If by name, where in DNS is that name known?
(Forget Netbios over VPN). If by IP address, which IP address? Remember
that a VPN client has by definition more than one, and the server will
only know about the one it has assigned by DHCP. When your telnet server
runs on the client, which interface(s) does it listen on?

As Cris says, if ping or any other handshaking protocol works in one
direction between the same two IP addresses but not in the other, then a
firewall of some description is involved. Basic routing must be correct
both ways in order for it to work in just one direction, so that's not
the problem. RRAS does have quite sophisticated packet-filtering
capabilities for VPN clients, but they is not enabled by default. XP
does not have a native outbound firewall, but does have an inbound one,
which by default applies to all interfaces.

There are quite a few variables here.

--
Joe
Re: Telnet to client over PPTP? [message #164049 is a reply to message #164047] Fri, 12 June 2009 17:35 Go to previous messageGo to next message
lstruckmeyer  is currently offline lstruckmeyer  United States
Messages: 890
Registered: September 2009
Senior Member
Agreeing with Cris and Joe, and asking what the final goal is.

If it is just to say you have done it, this seems like lots of work and
puzzlement with little reward.

If you are trying to figure out how remote users can best work on your
network, the answer is........... Terminal Services.

--
Larry Struckmeyer
Get your SBS Health Check
at www.sbsbpa.com


"Joe" <joe@jretrading.com> wrote in message
news:O333m256JHA.6136@TK2MSFTNGP03.phx.gbl...
> ever90321@mypacks.net wrote:
>> Hi,
>>
>> Would somebody tell me if there's a setting or other technical issue
>> that prevents telnet connections into computers connected to an office
>> LAN through PPTP? The clients are using WinXP SP2 or SP3, and
>> connecting remotely using the built-in VPN client. The server is
>> Windows Server 2003 SP2, running the standard "Routing and Remote
>> Access" server. This has apparently been a longstanding issue at my
>> company, but I just started noticing it recently, as we hire more
>> remote users. It's affecting things like our network virus checker.
>> For example, it operates over certain client and server ports. I can
>> telnet to a server port from the client, but cannot do the reverse.
>> For another test, I started the Windows Telnet server on the remote
>> machine, and was also unable to connect. In both cases, the port was
>> opened in Windows Firewall. (I also tried stopping the firewall
>> service.) This affects every computer connecting on PPTP, not just a
>> few.
>>
>> What bothers me is that after a bunch of web searches, I've found
>> basically zero other complaints. This gives me the impression that
>> either a) nobody telnets to remote machines, b) nobody expects to
>> telnet to remote machines, or c) the fix is extremely simple. Any
>> suggestions?
>>
>
> a) and b) are correct. c) may or may not be. What services would a client
> be running that could be usefully accessed from the server by telnet? You
> know the risks you run in allowing VPN connections from unknown machines,
> and I wouldn't have thought that any useful kind of security auditing
> could be done across the link.
>
> When you say you are trying to connect to a client, how *exactly* are you
> trying to connect? If by name, where in DNS is that name known? (Forget
> Netbios over VPN). If by IP address, which IP address? Remember that a VPN
> client has by definition more than one, and the server will only know
> about the one it has assigned by DHCP. When your telnet server runs on the
> client, which interface(s) does it listen on?
>
> As Cris says, if ping or any other handshaking protocol works in one
> direction between the same two IP addresses but not in the other, then a
> firewall of some description is involved. Basic routing must be correct
> both ways in order for it to work in just one direction, so that's not the
> problem. RRAS does have quite sophisticated packet-filtering capabilities
> for VPN clients, but they is not enabled by default. XP does not have a
> native outbound firewall, but does have an inbound one, which by default
> applies to all interfaces.
>
> There are quite a few variables here.
>
> --
> Joe
Re: Telnet to client over PPTP? [message #164543 is a reply to message #164043] Fri, 26 June 2009 04:16 Go to previous message
anthony  is currently offline anthony
Messages: 288
Registered: July 2009
Senior Member
Todd,
Can we clarify the problem? Is that telnet does not work? Or is it that
other things don't work, you are using telnet to test and then telnet
doesn't work?

My usual first check for telnet is the McAfee AV. It prevents telnet by
default, as well as e-mail from non-standard clients and a bunch of other
things.
Anthony,
http://www.airdesk.com


<ever90321@mypacks.net> wrote in message
news:f319d3f6-380a-4760-b050-73f979a5be32@o21g2000prn.googlegroups.com...
> Hi,
>
> Would somebody tell me if there's a setting or other technical issue
> that prevents telnet connections into computers connected to an office
> LAN through PPTP? The clients are using WinXP SP2 or SP3, and
> connecting remotely using the built-in VPN client. The server is
> Windows Server 2003 SP2, running the standard "Routing and Remote
> Access" server. This has apparently been a longstanding issue at my
> company, but I just started noticing it recently, as we hire more
> remote users. It's affecting things like our network virus checker.
> For example, it operates over certain client and server ports. I can
> telnet to a server port from the client, but cannot do the reverse.
> For another test, I started the Windows Telnet server on the remote
> machine, and was also unable to connect. In both cases, the port was
> opened in Windows Firewall. (I also tried stopping the firewall
> service.) This affects every computer connecting on PPTP, not just a
> few.
>
> What bothers me is that after a bunch of web searches, I've found
> basically zero other complaints. This gives me the impression that
> either a) nobody telnets to remote machines, b) nobody expects to
> telnet to remote machines, or c) the fix is extremely simple. Any
> suggestions?
>
> Thanks,
> Todd
Previous Topic:5 Things That Should Be In Windows 7 RTM
Next Topic:PXE Boot menu issues Server 2003 Mixed Mode
Goto Forum:
  


Current Time: Sun Aug 20 05:42:53 EDT 2017

Total time taken to generate the page: 0.07010 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software