Should I be seeing this with PPTP VPN?

From: Viswanath Neelavalli (vneelavalli@yahoo.com)
Date: 03/29/03 

From: "Viswanath Neelavalli" <vneelavalli@yahoo.com>
Date: Sat, 29 Mar 2003 11:20:09 -0800

To all who know something about VPNs.

Experimental Setup:
[All this time I have a packet sniffer runnning on the
Server in "PROMISCOUS MODE"]
2 Windows 2K Advanced Server machines(lets say 'A' is
server and 'B' is Client) with Valid IPAddresses in a LAN.
IPSec Policy Agent Disabled on both machines.
On A, a RAS policy whose "Edit Profile" has been
configured for "Strong Encryption" and "Authentication"
has been set for "MS-CHAP v2" only. {Both A and B have
Microsoft High Encryption pack installed.}

Now I made a New VPN COnnection pointing to A as target IP
and then I chose the Authentication mode as MS-CHAP v2,
chose "Require Secure Password" and "Require Data
Encryption". I dial with the user name Adminsitrator and
appropriate password. In the Dial-in Properties for the
Administrator account on the server, the profile has been
set to follow RAS policy settings. The RAS policy has been
set for "Granting Access".

After I get authenticated and connected from the CLient, I
see the following on the Connection Details on the Client
Side.

ServerType => PPP;Transports => TCP/IP; Authentication=>
MS-CHAP v2; Encryption=>MPPE 128;Compression=>MPPC; PPP
Multilink Framing => On; Server IPAddress=>A.B.C.D and
Client IPAddress: E.F.G.H.

After this, I verify the "ipconfig" on the Client machine,
I shows its new IPA i.e. E.F.G.H as its Default Gateway.
And then in its 'route print' it shows a metric of 2 for
its old default gateway and 1 for its new IPAddress. So,
presumably all the client's traffic is going thru the new
Interface. {I dont know how else I can know more about
this.} I have a small application that makes TCP
connection with the server machine at a well known port.
When i do a full session of that application, I can see
the Application's TCP traffic in clear text in the Sniffer
running on the server. I do full sessions of TELNET and
FTP from the connected client, I can see everything in
clear text.

AM I Supposed to see this, or should I see all the
Application traffic of TELNET, FTP and etc.. with GRE
encryption?? I do see GRE traffic in the sniffer but I am
not expecting to see clear text telnet and ftp.

Please help me, I am really stuck.

Best Regards,
Viswanath Neelavalli.

Relevant Pages

  • Re: .Net Scalability problem
    ... LoadRunner will peak out a server with a few virtual users. ... To get an idea of load, ... Fire off the test client and watch the number of ... > So I think that the MTC generate concurrent connection and per ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: Connection lost at same time every hour (sometimes)
    ... After making the two following alterations on the server the problem seems ... After analyze your ipconfig on SBS and client, ... Then, other connection is good, ...
    (microsoft.public.windows.server.sbs)
  • Re: server disconnection - very often
    ... Reason of permanent popups is VMware server aplication on clients. ... Run CEICW to configure the network of SBS: ... Two network adapters - manual router connection to broadband ... Uninstall VMware on client. ...
    (microsoft.public.windows.server.sbs)
  • Re: Lan setup 2 nic
    ... The external nic only has TCP/IP enabled. ... Ipconfig of the server is looking good, but the client is still missing the ... > connection so we have a 2 nic with router setup now. ...
    (microsoft.public.windows.server.sbs)
  • Re: Regular disconnections from remote web workplace
    ... I can connect to office server and all office clients from home at all times ... be physically working right up until the connection is lost. ... If I enter http://companyip from a client I receive the login screen for the ... Click Services tab and select Hide All Microsoft Services and Disable ...
    (microsoft.public.windows.server.sbs)