Re: Setting up Windows VPN

From: Robert L [MS-MVP] (noreply_at_hotmail.com)
Date: 12/27/04 

Date: Mon, 27 Dec 2004 08:57:14 -0600

I would it internally. if it works, focus on the router. 

-- 
For more and other information, go to  http://www.ChicagoTech.net
Don't send e-mail or reply to me except you need consulting services. 
Posting on MS newsgroup will benefit all readers and you may get more help.
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on 
http://www.ChicagoTech.net
Networking Solutions, http://www.chicagotech.net/networksolutions.htm
VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm
VPN Process and Error Analysis, http://www.chicagotech.net/VPN%20process.htm
VPN Troubleshooting, http://www.chicagotech.net/vpn.htm
This posting is provided "AS IS" with no warranties.
"xfile" <cou-cou@remove.nospam.com> wrote in message 
news:eJJv1B86EHA.3908@TK2MSFTNGP12.phx.gbl...
> Hi:
>
> Thanks if anyone can help me to set up a home VPN network trough Internet 
> DSL connection for my Windows XP pro systems.  The ideal way is to let 
> portables access desktop through Internet VPN when I am not at the home 
> environment.
>
> Here is my environment:
>
> (1) 3 Windows Pro (all with SP2 and latest updates, NIS 2004 Pro), one is 
> Desktop and two are portables.
>
> (2) All joined a local private domain (PC server, but off most of time, 
> and do not wish to set up VPN through this, since it is off most of time)
>
> (3) Internet connection: DSL with Buffalo G54 wireless router which also 
> has 4 LAN ports.  The desktop is connected to LAN port, and portables are 
> using wireless connection.  No internet connection sharing through any 
> system.
>
> (4) Internet connection (2): ISP has assigned a static IP address.  DHCP 
> server and default gateway are performed by router.  DNS server: Primary 
> set to local domain server, and secondary is carried by the router.
>
> Basically, the router serves as the primary gateway and controller for all 
> Internet traffic.
>
> What I have done:
>
> (1) I used Network Connections to create a VPN connection through the 
> wizard, and got the famous 800 error codes,
>
> (2) I have consulted with router manufacturer to properly configure 
> router, including firmware update and adding an NAT table for opening the 
> port: TCP 1723
>
> (3) I have consulted with Symantec technical support about how to opening 
> a port for an application but I don't know which executable files, or 
> modules Windows will use for VPN connection, so I have not done this yet.
>
>
> What I don't know:
>
> According to MS KB articles, 800 error message can be caused by the 
> following...
>
> If you use a personal firewall or a broadband router, or if there are
> routers or firewalls between the VPN client and the VPN server, the
> following ports and protocol must be enabled for PPTP on all firewalls and
> routers that are between the VPN client and the VPN server:
>
>      Client ports Server port Protocol
>      1024-65535/TCP 1723/TCP PPTP
>
> Additionally, you must enable IP PROTOCOL 47 (GRE).
> ---------------------------------------------------------------
>
> (1) Do I have a VPN client/server relationship in this case?  I wish the 
> portable can access information stored at the desktop when I was away from 
> home.  Does that make the desktop server, and portable clients?
>
>
> (2) I don't understand this at all, and how do I do that?
>
> ...........following ports and protocol must be enabled for PPTP on all 
> firewalls and
> routers that are between the VPN client and the VPN server:
>
>      Client ports Server port Protocol
>      1024-65535/TCP 1723/TCP PPTP
> ---------
> I can see HTTP port list on the NIS 2004 firewall setup,
> is this where I add those ports?  Currently, there are 80, 81, and...
>
> (2) 1024-65535: What does this mean?  Adding port from 1024 to 65535 
> or...??
>
> (3) Protocol PPTP and IP Protocol 47 (GRE): How do I add or enable them?
>
> Thanks for your kind help.
>
>
>

Relevant Pages

  • Re: Linksys router settings
    ... I had a Linksys router not function like this when I had PPTP and IPSec ... > POrt Range: I've inserted these in when they weren't showing on the UPnP ... >> when set up incoming VPN connection on SBS 2003. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN Router Setup Question
    ... > The term "configuring a pinhole" with a Netopia router looks like it's the ... > Then go into your router and "configure a pinhole" to forward all VPN ... >> having your server 'directly' connected to the internet. ...
    (microsoft.public.windows.server.sbs)
  • Re: Using Remote Desktop From an SBS Domain
    ... when you tried to RDP while attached directly to a port on your router? ... Internet to initiate an IP conversation with your computer. ... This situation is different than if you ran your own NAT connection sharing ...
    (microsoft.public.windows.server.sbs)
  • Re: exposing TS directly to Internet
    ... blocked IP address list for port 3389 TCP. ... Since the built in administrator account can not be locked out ... >> to logon to the VPN. ... > secure data communication through the Internet. ...
    (microsoft.public.win2000.security)
  • Re: Publish Web Server behind SBS 2003 Standard
    ... I ended up plugging another router into the WAN. ... How to configure Internet access in Windows Small BusinessServer2003http://support.microsoft.com/kb/825763/en-us ... network interface on right (By default the interface name should be ... input 80 in Outgoing port box. ...
    (microsoft.public.windows.server.sbs)