Latest update: 12. March 2023
- For your VPN to work on your network, you need to make some settings.
- TunnelBear connection problems can also be caused by, among other things, improper configuration.
- A non-functioning VPN on your device can put your privacy at risk.
- Read our guide to learn how to troubleshoot your TunnelBear connection like the pros.
Most IT administrators spend quite a bit of time troubleshooting VPNs before they can successfully set up a new network.
However, troubleshooting a VPN is similar to troubleshooting a WAN connection, as data passes through several channels before reaching its destination.
A problem can occur on any channel of the VPN connection. So, if you know the problems and have troubleshooting procedures, you can restore your VPN connection more easily.
Below are troubleshooting scenarios and solutions that can help you when TunnelBear is connected but not working.
FIX: Tunnel Connected but not in service
A VPN implementation consists of at least one PPTP RAS server and one client, both connected to the Internet, and a PPTP connection between the server and the client. If an ISP or internet connection is available, you can connect to your server or local network from anywhere in the world.
The problem is that most VPNs are not that simple. In most cases, the VPN server is located in a routed LAN segment, usually behind a firewall, and the client connection also uses an ISP network that has its own routers and firewalls.
The solution is to start with an NT server with the minimum number of services installed, and then limit the protocols to just two, TCP/IP and PPTP. You can also save time by updating your server with service packs before attempting to troubleshoot client connections. NT 4.0 Service Packs 5 (SP5) and SP6a fix most problems with PPTP connections, including fragmented packets, dropped connections, and disconnected connections.
Tip: Keep the server configuration as simple and clear as possible for troubleshooting.
There may also be a problem where TunnelBear connects but the client does not.
There are three possible reasons for this:
- Configuring domain and server accounts
This happens if your RAS server is configured as a domain controller or as a standalone system. If it is configured as a domain controller, verify that the domain user account has permission to log on. If it is not a domain controller, the RAS server verifies the client data with the default local SAM.
The standalone server can be authenticated through a local account on the RAS server or through a registry change that requires credentials to be authenticated through the domain SAM. In both cases, you must have permission to log in to the specified account.
If TunnelBear is causing you so many headaches when using it, we strongly recommend that you replace it. We recommend that you use highly secure VPN tools, such as Private Internet Access.
The US company, part of Kape Technologies, offers support for both OpenVPN and PPTP/L2TP/SOCKS5 for better interoperability with different networks and devices.
With many more servers than TunnelBear, PIA guarantees that you’ll almost always have a connection somewhere and that you’ll always get good internet speeds.
Our main reason for flying PIA :
- The latest and best used protocols and technologies
- Up to 10 simultaneous devices can be connected to a subscription.
- The VPN switch that comes with the PIA client.
- Use your own private DNS servers
- non-registered policy
Private Internet access
Get this highly configurable VPN service with port forwarding to multiple regional gateways for a great price in this limited time offer.
- Configuration of computer accounts
If your computer is an NT server, it must have a domain account. However, if this is a new system, create a new account in Server Manager before testing the connection. If you already have an account, but it is disabled, the password may not be synchronized with the server because a hidden password is generated for each account, which is automatically reset by PDC.
So if you have been offline for a while, the password may be different from the POC password, but you can delete your account and register again to solve this problem.
- Customer verification in negotiations
The RAS server can use 3 authentication protocols to authenticate PPTP users: Password authentication or PAP protocol, challenge handle authentication or CHAP and Microsoft CHAP (MSCHAP). The authentication protocols that your computer and the server negotiate to connect depend on the encryption settings you selected when configuring the incoming VPN server ports and the PPTP client network setting.
Available options on the server and client are Allow any authentication, Require encrypted authentication, or Require Microsoft encrypted authentication. With the latter, clients that do not support MSCHAP V2 cannot successfully connect.
Enable login verification in the user administration and try logging in again. If you check the NT Event Viewer security log entries, you can get an idea of what is preventing TunnelBear from working, for example. For example, if a username is invalid, if a password has expired or if an account is invalid, and if VPN ports are available.
If you are using the TunnelBear VPN and you can connect but not browse from your local network, make sure you first set up a workgroup on all Win9x clients with the target NT domain name. It is recommended that you understand how the four TCP/IP settings affect your network connection.
If you have users who work from home and have a broadband connection, surfing the web over the local network is a great option for remote users. Find out how to solve your display problems here:
If you are browsing and get the error message 53 from your system Network path was not found, it means that the client cannot resolve the NetBIOS names. Make sure the WINS server is assigned either statically in the network settings of the PPT connection or dynamically with ipconfig for all clients or Winipcfg for Win9x clients. If you do not have a WINS server address, enter it manually, reconnect the VPN, and try again.
- Default gateway configuration
Check the default gateway setting for the PPTP connection. If it always points to your ISP, it means that any client request to browse on the local network will go directly to your ISP and not to TunnelBear’s VPN connection. This allows the ISP to block the ports needed for the NetBIOS name translation.
Routers and firewalls can also prevent NetBIOS names from being sent unless you enable unicast traffic on UDP ports 137 and 138 and TCP port 139. Because NetBIOS names are owned by Microsoft, some ISPs cannot route this data through their infrastructure. Also check if your antivirus software is blocking access to the internet.
You can manually remove the route and add a static route to the VPN server virtual interface – the address assigned to the VPN interface (this is also the first available DHCP address in your RAS server configuration).
You can install NetBEUI on the RAS server and remote clients to resolve display issues. You can do this for incoming connections on the ports of the VPN server and select Net BEUI on the PPTP connection on the client. This allows the client to connect to the server via NetBEUI over TCP/IP. This is the easiest way to get a fully visible LAN.
If you still can’t browse, try connecting to the network share manually or check TunnelBear’s VPN server configuration, as there are many server issues that affect browsing, but the list of possible problems is too long to cover in this article.
This problem occurs in two scenarios: First, the VPN server may not allow the remote client to access the Internet when TunnelBear is connected. In this case, if you close the TunnelBear VPN connection, the client will be able to browse because the default gateway will be reset to the gateway specified by the ISP.
The second scenario is that Windows can replace the ISP gateway with the gateway defined by the VPN server when the client connects, so there is no path to the Internet. To do this, you can manually add a static route to the default ISP gateway to enable it by trying first the VPN gateway and then the ISP gateway.
If you even have problems with a fully functional TunnelBear VPN connection, configure a PPTP connection using only TCP/IP, then connect to the VPN server and authenticate. When a client extends the network environment, it shows itself and other clients in the list, but the remote system never appears in the network environment on the LAN. If you want remote clients to be displayed in the LAN browse list, install NetBEUI on the RAS server and the RAS clients.
Share your TunnelBear VPN connection experience with us, and if these solutions have helped you, please leave a comment in the section below.
Frequently asked questions
Not enough details.
It’s hard to understand
Contact an expert
Take part in the discussion
frequently asked questions
Why is my VPN connected but I cannot access the Internet?
One of the most common reasons why a VPN is connected but not working is a DNS configuration problem. This can also happen if you configure the VPN connection to use the default gateway of the remote network. This setting overrides the default gateway setting that you specify in the TCP/IP settings.
How do I solve the Internet access error?
tag ‘ no-internet-access-fix-windo…
Why is my TunnelBear not working?
Make sure you have enabled the Auto DNS option. Unfortunately, since Android prefers your own DNS to TunnelBear’s DNS, this can cause problems. If you have Private DNS enabled, remember to switch to Automatic DNS and try to connect again.
why is tunnelbear not connecting,tunnelbear not working android,tunnelbear keeps disconnecting,can’t access tunnelbear website,tunnelbear support,tunnelbear profile not installed,Feedback,Privacy settings,How Search works,TunnelBear,ProtonVPN,ExpressV…,Hotspot Shield,CyberGhost VPN,See more,vpn connection user authentication failed tunnelbear,tunnelbear download