E200 opened detect pptp,pptp dials unsuccessfully

Publication Date:  2012-12-12 Views:  489 Downloads:  0
Issue Description
Trust untrust area opened detect pptp,internal network cannot access to external pptp server,it alarms that
 


undo nat alg enable esp
nat alg enable ftp
nat alg enable dns
nat alg enable icmp
nat alg enable netbios
undo nat alg enable h323
undo nat alg enable hwcc
undo nat alg enable ils
undo nat alg enable pptp
undo nat alg enable qq
undo nat alg enable msn
undo nat alg enable user-define
undo nat alg enable sip
undo nat alg enable mgcp
undo nat alg enable mms
undo nat alg enable sqlnet
undo nat alg enable rtsp
 

Alarm Information
NULL
Handling Process
1.Check the configuration and it is normal

2.Pptp server can ping

3.It can dial successfully by user account and ip

4.Suggest the client change the pc for test, the problem remained, exclude the carrier effect.

5.Suggest the client connect the external network reticle to pc for test, it can exclude the external network effect

6.Suggest the client capture the packet for analysis, they can communicate normally when pptp dialing, but some parameters negotiation is unsuccessful.



7、 cancel  excrescent  configuration, the problem remains

detect hwcc
detect http
detect rtsp
detect smtp
detect qq
detect msn
detect mgcp
detect mms
detect sqlnet
detect ils
detect h323
detect sip



firewall defend ip-spoofing enable
firewall defend land enable
firewall defend smurf enable
firewall defend fraggle enable
firewall defend winnuke enable
firewall defend syn-flood enable
firewall defend udp-flood enable
firewall defend icmp-flood enable
firewall defend icmp-redirect enable
firewall defend icmp-unreachable enable
firewall defend ip-sweep enable
firewall defend port-scan enable
firewall defend source-route enable
firewall defend route-record enable
firewall defend tracert enable
firewall defend time-stamp enable
firewall defend ping-of-death enable
firewall defend teardrop enable
firewall defend tcp-flag enable
firewall defend ip-fragment enable
firewall defend ftp-bounce enable
firewall defend packet-header check enable
firewall defend large-icmp enable
firewall defend arp-spoofing enable
firewall defend tcp-flood enable

8、the configuration has the following command
undo nat alg enable pptp

Change it to nat  alg  enable  pptp, the problem remains.
Root Cause
1.Configuration problem

2.pptp server ip failure

3、pptp server problem

4、Client network environment effect

Suggestions
The problem can be solved by opening the detect  pptp in the new version, but the old version should open nat  alg. 

END