L2TP error on Vista when using PPTP

Jan 4, 2011 at 7:58 PM

I have an application that is using dotras to make a PPTP vpn connection to the office from field computers.  I have included the phonebook entry string below.

Dim pbkEntry As DotRas.RasEntry = DotRas.RasEntry.CreateVpnEntry("dwr", "www.mydomain.com", DotRas.RasVpnStrategy.Default, DotRas.RasDevice.GetDeviceByName("(PPTP)", DotRas.RasDeviceType.Vpn))

It works for almost everyone.  However, two field staff, both saying they run Vista, get an error as follows when they try to connect.

"A certificate could not be found.  Connections that use the L2TP protocol over IPSEC require the installation of ......."

Any idea what might be happening?

Thanks

Coordinator
Jan 5, 2011 at 2:08 PM

That's a known bug, there were a couple proposed fixes attached to the workitem http://dotras.codeplex.com/workitem/11876 however it isn't entirely fixed yet. There still seems to be some issues with certain operating systems, and depending on the VPN configuration when using client certificates they may or may not be found.

Jan 5, 2011 at 7:31 PM

I'm not sure if I am completely understanding you.  I am using PPTP and don't use any certificates at least not as far as I know.  Am I misunderstanding how and when certificates are used?  If certiifcates are not used is this still a bug in that case?  Do the answers in your referenced message apply to PPTP connections that don't use a certificate?

Thanks

Coordinator
Jan 6, 2011 at 3:45 AM

PPTP doesn't use certificates, the VPN entry on the broken machines could be configured to use L2TP and EAP with certificates. I'd suggest you verify the entry being dialed on your problem machines and ensure they're configured correctly before we proceed any further.

Jan 6, 2011 at 4:06 PM

Maybe I am just lost in terms of what I am thinking and doing.  My code makes the phone book, the phone book entry etc. and it is set to PPTP by the code, I didn't realize it could get configured as L2TP and EAP if I didn't specify that in my code.  My application actually makes the phonebook, the phonebook entry, dials it and then closes and removes the entry and the phonebook every time.

I will have to try and see what I can on their machines and what might be going on when they are not in the field.

Thanks Again

Coordinator
Jan 7, 2011 at 9:20 PM

I thought i'd mention that the default VPN strategy does try both L2TP and PPTP even if the PPTP device is used (that's a Windows thing, not a DotRas thing). If you want to only allow PPTP connections, you can try changing the VPN stragegy to PptpOnly. I wasn't sure how the connections were being created, and if users would have access to change them.

Check the problem machines and see if anything weird is going on there, the dialer wouldn't use L2TP unless the entry was configured to use it.