Share this article

Improve this guide

TunnelBear not working, no Internet access [Fixed]

8 min. read

Updated onOctober 4, 2023

updated onOctober 4, 2023

Share this article

Improve this guide

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Key notes

Most IT administrators spend a fair amount of time performing troubleshooting on VPNs before successfully deploying a new one.

However, troubleshooting a VPN is similar to troubleshooting problems with your WAN connectivity, owing to its complex nature as data travels via multiple links before reaching its destination.

Something can go wrong at each link in the VPN connection, so knowing the problems and having troubleshooting procedures will help you debug the VPN connection.

Below are the troubleshooting scenarios plus their solutions, to help you when TunnelBear is connected but not working.

World-class 24/7 support with 83% for a 3 years plan and 3 months free.

Amazing connection speed with 35% off and 3 months free for the 1-year plan.

Best security protocols with 83% off and 2 months free for a 2-year plan.

FIX: TunnelBear connected but not working

FIX: TunnelBear connected but not working

1. Unsuccessful deployment of TunnelBear VPN

At the very minimum, a VPN implementation comprises a RAS PPTP server and a client both of which are connected to the internet, and a PPTP connection in between server and client. If your ISP service or internet connection is available, you can connect to your server or LAN from wherever you want in the world.

The problem is that most VPNs aren’t that simple. More often than not, the VPN’s server is on a routed LAN segment, usually behind a firewall, and the client connection also uses the ISP network which has its own routers and firewalls.

The solution to this is to start with an NT server that has minimal number of installed services, and then limit the protocols to just two – TCP/IP and PPTP. You can also save time by updating your server with service packs before trying to troubleshoot the client connections. NT 4.0 Service Packs 5 (SP5) and SP6a will correct most PPTP connection problems including those related to fragmented packets, dropped and refused connections.

Tip:Keep the server configuration as simple and straightforward as you can for purposes of troubleshooting.

2. TunnelBear VPN connected but client cannot log on

You may also encounter a problem when TunnelBear is connected but the client cannot log on.

There are three possible causes for this:

This happens if your RAS server is configured as a domain controller or standalone system. If configured as a domain controller, ensure the user’s domain account has dial-in permission. If not a domain controller, RAS server authenticates the client’s credentials by default against the local SAM.

The standalone server can be authenticated either with a local account on the RAS server, or with an edit to the registry that forces it to authenticate credentials against the domain SAM. In both cases, you have to have dial-in permission for the account you supply.

If TunnelBear gives you so many headaches while using it, we strongly recommend you changing it. Our advice is to go for a highly reliable VPN tool such asthe one recommended below.

This US-based company, owned by Kape Technologies, offers OpenVPN protocol support as well asPPTP/L2TP/SOCKS5 for improving compatibility with various networks and devices.

Having many more servers than TunnelBear, this VPN ensures that you will almost always have where to connect to and still get good Internet speeds.

Ourtop reasonsto go with this solution are:

Private Internet Access

If your computer is an NT server, it must have an account in the domain. If it is a new system, however, create the new account in Server Manager before testing the connection. If you already have an account but it has been disconnected, the password may not be synchronized with the server, because for every account, a hidden password is generated which the PDC resets automatically.

Therefore, if you’ve been offline for a while, the password may differ from the one on the PDC, but you can delete your account and re-add it to fix this problem.

A RAS server can use 3 authentication protocols to authenticate PPTP users: Password Authentication or PAP protocol, Challenge Handshake Authentication or CHAP, and Microsoft CHAP (MSCHAP). The authentication protocols that your computer and server negotiate for logon depend on the encryption settings selected when you configure the server’s incoming VPN ports, and the client PPTP connection network settings.

The options available on the server and client include allowing any authentication, requiring encrypted authentication, or requiring Microsoft encrypted authentication. For the latter, clients that don’t support MSCHAP V2 cannot log on successfully.

What you need to do is enable logon auditing in User Manager and try the connection again. This gives you a picture of what is hindering TunnelBear from working when you check the records in the NT Event Viewer’s Security log, like if the username is invalid, or password expired, or an invalid account and whether VPN ports are available.

3. Connected but cannot browse using LAN

If you’re using TunnelBear VPN and you managed to log on but cannot browse using LAN, first ensure you set the workgroup to target the NT domain name on all Win9x clients. It’s recommended that you understand how the four TCP/IP settings affect your network connection.

When you have users working from home with high connection speeds, browsing via LAN is a great option for remote users. Here’s how to troubleshoot browsing issues:

If you’re browsing and get error 53 from your system “the network path was not found” it means the client cannot resolve NetBIOS names. Ensure the WINS server has been assigned, either statically in PPT connection’s Network Settings, or dynamically usingipconfigfor all clients orWinipcfgfor Win9x clients. If you don’t have a WINS server address, enter it manually, then reconnect the VPN and try to browse again.

Check the default gateway setting for the PPTP connection, and if it still points to your ISP, it means every client request to browse the LAN goes direct to your ISP rather than to TunnelBear VPN connection. Thus, the ISP may block ports required for NetBIOS name broadcasts.

Routersand firewalls can also prevent the transmission of NetBIOS names unless you enable unicast traffic on UDP ports 137 and 138, and TCP port 139. NetBIOS names are proprietary to Microsoft so some ISPs may not let such data flow through their infrastructure. Also check if your antivirus is blocking internet access.

You can manually delete the route and add a static route to the VPN server’s virtual interface – the address assigned to the VPN interface (it is also the first available DHCP address in your RAS server configuration).

You can install NetBEUI on the RAS server and remote clients to resolve browsing issues. This can be done for incoming connections on the server’s VPN ports, and select Net BEUI in the PPTP connection on the client. This connects the client to the server with NetBEUI over TCP/IP. This is the easiest way to get a fully browsable LAN.

If you still cannot browse, try connecting to a network share manually, or review TunnelBear VPN server configuration as many server problems affect browsing, however, the list of potential issues is too long to cover in this article.

4. Connected but cannot browse the internet

This problem happens in two scenarios: first, the VPN server may not let remote client’s access the internet when TunnelBear is connected, in which case, if you close the TunnelBear VPN connection, the client can browse because the default gateway reverts to the gateway specified by the ISP.

The second scenarios is that Windows may overwrite the ISP gateway with the VPN server-defined gateway when the client connects, so there’s no path to the internet. For this, you can manually add a static route to the ISP’s default gateway to resolve it, by trying the VPN’s gateway first, then the ISP gateway.

5. Connected but doesn’t appear in the Network Neighborhood

If you get this problem even with a fully functional TunnelBear VPN connection, configure your PPTP connection with TCP/IP only and connect, then authenticate to the VPN server. When the client expands Network Neighborhood, it shows itself and other clients in the list, but the remote system never appears in the Network Neighborhood on LAN. If you want remote clients to appear on the LAN browse list, install NetBEUI on the RAS server and RAS clients.

Share with us your experience with TunnelBear VPN connection, and if these solutions helped, by leaving a comment in the section below.

More about the topics:Tunnelbear,VPN errors

Milan Stanojevic

Windows Toubleshooting Expert

Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He’s a PC enthusiast and he spends most of his time learning about computers and technology.

Before joining WindowsReport, he worked as a front-end web developer. Now, he’s one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Milan Stanojevic

Windows Toubleshooting Expert

Before joining WindowsReport, he worked as a front-end web developer. Now, he’s specialized in Windows errors & software issues.