1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Small Business Server 2003 PPTP VPN

Discussion in 'Windows Server System' started by c1623, 2004/12/22.

Thread Status:
Not open for further replies.
  1. 2004/12/22
    c1623

    c1623 Inactive Thread Starter

    Joined:
    2004/12/22
    Messages:
    1
    Likes Received:
    0
    Hi people I wonder if you could help.
    Local network consists of:-
    Win2003 SBS Server 192.168.1.2
    Cable Router 192.168.1.1 (Local LAN)
    xxx.xxx.xxx.xxx (WAN Side)
    The router allows ports 1723, 500, 47 amongst others through

    From outside of the above network I am trying to connect using an XP client to the 2003 SBS VPN server.
    VPN Server is enabled on the 2003 server
    DHCP Server is running on the 2003 server

    I never get past verifying password. Error is 721.
    Nothing in the event log. No packets dropped on router.
    Any ideas? On the router which ip should I use to identify the VPN server?
    From my client I connect to the public address of my router but of course this gets forwarded to the private IP.
    All help gratefully received.

    C1623
     
    c1623,
    #1
  2. 2004/12/22
    ReggieB

    ReggieB Inactive Alumni

    Joined:
    2004/05/12
    Messages:
    2,786
    Likes Received:
    2
    I expect the problem is NAT on the router. It can cause a couple of problems with VPN.

    1. You need to be able to forward the VPN traffic to the right internal PC. That means forwarding the right set of ports to the server (IP for the server's network connection closed to the router - that is if you have two NICs in the server, the IP address of the NIC the router is connected to. Otherwise just the server's IP). Which ports depends on the VPN protocol. A google search for PPTP ports should get those for you.

    2. NAT alters the headers in the IP packet (effectively changing the destination and/or source fields). This alters the check sum results that some VPN protocols use to validate the data.

    The easiest solution to both problems is to make sure that you have a router that is VPN aware. These will have a setting that allows you to forward VPN traffic to an internal IP without altering the fields that would affect the checksum.

    An alternative is to use an ISP that will give you a valid subnet (usually 8 IP addresses - 5 useable), and not use NAT. But this is probably an extreme solution. Another option is to use a VPN router - that acts as the VPN server (so the VPN tunnel terminates at the router rather than the server).
     
    ReggieB,
    #2


  3. to hide this advert.

  4. 2005/01/09
    jotay

    jotay Inactive

    Joined:
    2005/01/09
    Messages:
    1
    Likes Received:
    0
    i have this problem too

    :confused:
    ok, have a hawking H2BR4 router,

    i had enable this ports fordwarding
    47,50,500 & 1723 to my private ip ....

    the vpn still not working :confused:

    i had use this configuration in a linksys router and my vpn works fine

    what can i do?
     
    jotay,
    #3
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...