changing the vpn port for 2003 server (or other solution to my problem)

dualblade

i'm curious if there's a good way to be able to vpn on a port other than the default one

i set up a vpn on my server (2003 box). it's a multihomed box, with one nic connected to my isp and one connected to my internal network. this server is my everything server - dns, wins, rras, dhcp.... basically, the works. i'd like to be able to set up remote access to use port 443, since it's available from pretty much any place that i might be. i'd just use port 80 as that's even more available, except my isp doesn't let me set up a server on 80. is there a good way to change the default vpn port (i think it's 1723), or ports if there are multiple that remote access uses?

i'm using 2003's built in firewall, which automatically adds entries for the services you set up. when i added the vpn service, it put in a new entry for ipsec and 2 vpn gateway entries. unfortunately, the ports (incoming and outgoing) are hardcoded and you can't delete the firewall entry. the reason for incoming and outgoing (for those who aren't familiar with win2k3's firewall) is because it's a combination port forwarder and firewall entry. i'm just using 127.0.0.1 since vpn is happening on the local machine. was hoping that maybe i could do port translation using 443 external/1723 internal, but since the ports are hardcoded, that won't work (2003, you fail it!)

any advice?
 

nessus

You do realize that ports for PPTP are well defined, right?

Changing that port number is like changing the RPC initiation port away from 135. Your clients couldn't connect any longer...

You would have to have a custom coded PPTP client to connect over any other port...

RFC specs http://www.networksorcery.com/enp/rfc/rfc2637.txt
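
An added example, not part of the thread: RFC 2637 assigns the PPTP control connection to TCP 1723 and carries the tunnelled PPP data in GRE (IP protocol 47), which has no port number to translate. The Python sketch below parses the fixed control-message header so a defender can recognise PPTP control traffic by content on any TCP port; the function names and the sample message are constructed for illustration.

```python
import struct

PPTP_TCP_PORT = 1723        # control connection port assigned in RFC 2637
GRE_IP_PROTOCOL = 47        # PPP data is carried in GRE, which has no ports
MAGIC_COOKIE = 0x1A2B3C4D   # constant present in every PPTP control message
HEADER = struct.Struct("!HHIHH")             # length, msg type, cookie, ctrl type, reserved
SCCRQ_BODY = struct.Struct("!HHIIHH64s64s")  # Start-Control-Connection-Request fields
CONTROL_TYPES = {1: "Start-Control-Connection-Request",
                 2: "Start-Control-Connection-Reply",
                 5: "Echo-Request", 6: "Echo-Reply",
                 7: "Outgoing-Call-Request", 8: "Outgoing-Call-Reply"}


def parse_pptp_control(payload):
    """Return a dict for a PPTP control message, or None if the bytes are not PPTP."""
    if len(payload) < HEADER.size:
        return None
    length, msg_type, cookie, ctrl_type, _ = HEADER.unpack_from(payload)
    if cookie != MAGIC_COOKIE or msg_type != 1 or not HEADER.size <= length <= len(payload):
        return None
    msg = {"length": length, "control_type": CONTROL_TYPES.get(ctrl_type, f"type {ctrl_type}")}
    if ctrl_type == 1 and length == HEADER.size + SCCRQ_BODY.size:
        fields = SCCRQ_BODY.unpack_from(payload, HEADER.size)
        version, host, vendor = fields[0], fields[6], fields[7]
        msg["version"] = f"{version >> 8}.{version & 0xFF}"
        msg["host"] = host.rstrip(b"\x00").decode("ascii", "replace")
        msg["vendor"] = vendor.rstrip(b"\x00").decode("ascii", "replace")
    return msg


def classify(dst_port, payload):
    """Label a TCP payload by content first, then by whether the port is the assigned one."""
    if parse_pptp_control(payload) is None:
        return "not-pptp"
    return "pptp-control" if dst_port == PPTP_TCP_PORT else "pptp-control-on-nonstandard-port"


def build_sample_sccrq():
    """Constructed sample message (not a capture) for exercising the parser."""
    body = SCCRQ_BODY.pack(0x0100, 0, 1, 1, 0, 0, b"client.example", b"constructed-sample")
    return HEADER.pack(HEADER.size + SCCRQ_BODY.size, 1, MAGIC_COOKIE, 1, 0) + body


if __name__ == "__main__":
    sample = build_sample_sccrq()
    print(parse_pptp_control(sample))
    print(classify(1723, sample), classify(443, sample))
```

Even when the TCP control channel is seen on another port, the GRE data channel still has to pass every firewall and NAT device on the path as its own IP protocol.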
 

dualblade

i was assuming that on the vpn client, i could put servername : port. i am the only client, as this is my home server. i've used 443 for remote desktop and it works really well, but i'd rather vpn into my server and then remote into my desktop if i need to, for safety/security reasons
 