PPTP VPN With Server 03 and XP

S

Synchro

Limp Gawd
Joined
Mar 21, 2004
Messages
498
I'm guessing that I missed somehting - let me know if it's obvious to you.

I installed the routing & remote services on the server, created and granted user access, setup the client on an XP box and can connect to the VPN behind my firewall. The IP scope and sebnets are different. EG 10.1.1.x / 255.255.255.0 and 100.100.100.x / 255.255.255.255

I have a USR8054 wireless/wired router and opened up port 1723 for the PPTP VPN - This in turn opened up 'Protocol 47' as well -

From the outside trying to connect through the router to the VPN server I get Error 800 -

Are there additional ports necessary to make the connection? From all I've read this *should* work as it's setup now.... :(
 
Synchro said:
EG 10.1.1.x / 255.255.255.0 and 100.100.100.x / 255.255.255.255
Click to expand...

Are these the actual networks?? I ask because 255.255.255.255 is a host mask and does not represent a network...
 
The local lan that my home network is setup on runs the following IP scope and netmask:
10.1.1.x / 255.255.255.0

The IP scope and netmask that the VPN uses when connections are made is:
100.100.100.x / 255.255.255.255

Like I mentioned before, these seem to co-exist fine when I connect to the VPN behind the firewall, but no connection can be made outside of the firewall...
 
If you've verified that 1723 is indeed forwarding then, I'd say that Prot47 (GRE) hasn't been forwarded properly. Does this model specifically do that?

Quote from Manual:
Some applications require open service ports, such as Internet games, video conferencing, Internet telephony, and others. These applications cannot work with a pure NAT Wireless Cable/DSL Router since all the ports are blocked by default. This is a result of the Wireless Turbo Access Point & Router's NAT firewall function. Special Applications will allow some of these applications to work with a NAT Wireless Cable/DSL Router. If the Special Applications still do not allow an application to function correctly, refer to the DMZ host option in the "DMZ" area of the Access section in this Guide.
Click to expand...

Have you tried Placing the VPN server in DMZ yet? As a test?
 
the URR 8054 does support GRE -
I'm starting to think that it does it incorrectly though.

In the firmware when I enable PPTP - it's called a virtual server.
After turning this on, it creates firewall rules allowing 1723 to be passed thru to my 2003 server IP, and it also adds a few rules for GRE to be passed thru as well.

I have an email into USR to see if they have any tricks to offer up... still waiting...

DMZ? No not yet... but I'll try that tonight for sure...
 
So, after talking with USR tech support it was confirmed that their 'auto config' mode did not completely auto config the router for the VPN pass-thru. I had to add one additional rule, which was just to forward the same port that was already being forwarded, in another location of the router setup. After that was done making a connection went as expected...

Now, getting to the shares :)
 
You must log in or register to reply here.
Back
Top