The vpn that wouldn't

Some time ago one of my clients said he needed to work from home now and then. As we were already using a Multitech RouteFinder, I just added a PPTP vpn user for him. That's the easiest thing to do for Windows users: no additional software, just use the built in Windows "Connect to" software. Everything was fine.

After a few months, his wife started using it so that she didn't need to drive to the store just to confirm payroll numbers. Then there was the partner who needed access while on the road, so I had to add a few more ip addresses to the assigned range. That's how you control the number of vpn users with the Multitech: you give it a range of ip's it can use for the vpn. I gave it 195 to 199 on their subnet - two more users than they actually were using. I figured that would let me in if necessary and left one as a spare.

A few months ago, the owner's wife started having sporadic connection problems. As it happened, I wasn't immediately available when these occurred, but when I would check, everything was fine. I asked the owner if he was having any problems; he said he never did. OK, one of those stupid non-reproducible annoyances. Live with it until you can't stand it and then I'll look at her machine.

Yesterday he called again saying his wife couldn't get in. I was sitting at my desk this time, so I tried. Hmmm.. just like his wife said: Windows said it was connected, but I couldn't do anything. Hmmm.. looks like an ip problem

I sshed in instead and did an "arp -an". I knew that my DHCP server should be assigning addresses from 100 to 175, but to my complete surprise only a few addresses were down in that range. Most were above that, running from 175 to 199, and 195 to 199 were definitely occupied. Aaargh. I know what's wrong: they put in a Windows server a while back for some other project, and the stupid thing must be serving addresses. It's trampling all over my structure and particularly is using up my pptp addresses. I dialed the phone to explain this to my client.

"Oh, before I forget", he interjected before I began, "the service techs are having trouble sometimes too."

Slight pause as my brain spun 180 degrees.

"The service techs? Are they using the vpn?"

"Oh, yeah. I gave them all laptops and Verizon Internet. It's great!"

I bet. "How many techs?", I asked.

"Uh, six. But we usually have at least one or two doubled up."

Let's see: five allocated ip addresses, one work at home wife, one sometimes traveling partner, and six techs. Maybe the Windows server problem isn't the whole of it. I took another look at the arp listing.. nothing above 199. I did a mental count of machines I knew about and came up with less than twenty. Looks to me like I do need to go find out who's handing out ip's without my permission, but the vpn problem is probably more easily fixed: I bumped the Multitech to let it use up to 210. I explained all this to the owner, and said I'd stop in when next in the area to hunt down the rogue DHCP server.

Click here to add your comments




Thu Aug 17 13:37:51 2006: Subject:   BigDumbDInosaur


"Oh, before I forget", he interjected before I began, "the service techs are having trouble sometimes too."

Doncha love it when clients leave out essential information? I have several that routinely do that and then complain because the bill to fix whatever ailed them is high. They just can't seem to make the connection between them not giving me all the facts and the amount of time I have to consume hunting down the information that they could have given me. Oh well! It keeps me busy and out of trouble (most of the time, anyhow).



Thu Aug 17 13:56:18 2006: Subject:   TonyLawrence


At least this client understands things. After all this, he said "I should have mentioned the techs.. I just forgot because they hadn't complained much"





Fri Aug 18 04:30:36 2006: Subject: WHY!?   Sledge


Why do they do it? Why do they start meddling in the affairs of things too deep for them? Casually, like it doesn't matter. Then they get angry and say things like "Ever since you made that change..."
My systems are a pristine digital entity, a perfect being. End users are a parasitic infestation of it.
"Oh I forgot to mention. I read two inches of copy in a trade rag about 'appliances' and I replaced the router, switch, and firewall with a toaster and swapped all the machines with either a paper shredder or a dirt devil. The clerk at the office supplies store says it wouldn't have caused any of these problems. So what did you do to my network?"



Fri Aug 18 10:49:36 2006: Subject:   TonyLawrence


Naaw. I don't have clients like that. That is, if I do happen to get tangled up with someone like that, I disengage and don't do any more work for them.

My clients are all good, intelligent people who need a little help now and then.



Don't miss responses! Subscribe to Comments by RSS or by Email

Click here to add your comments

If you want a picture to show with your comment, go get a Gravatar

Jump to Comments

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.