Re: New VPN Setup

From: Ola (anonymous_at_discussions.microsoft.com)
Date: 06/08/04 

Date: Tue, 8 Jun 2004 05:51:59 -0700

So in what you all are saying, if Terminal Services is
running on my win2k, and I can VPN to this Server from a
remote location, then I can run my Terminal Services
Client on my remote desktop/laptop as well as MMC, then I
can manage user accounts from the remote location?
Meaning I would not need to run something like
PCAnywhere.. (Would I need VPN TSE and MMC?)

Sorry for sounding foolish, but I just want to be crystal
clear.

Sounds a little confusing but is that the whole idea?

Thanks

Ola
>-----Original Message-----
>TSE - Terminal Service/Remote Desktop
>MMC - Microsoft Mananagement Console [you can invoke it
by running mmc.exe]
>
>TCP port 1723 and IP Protocol 47 (GRE) is required for
PPTP connection the
>reason being the encrypted VPN data travels as the
payload of an
>IP packet with a GRE header. If anything blocks GRE in
either direction, no
>data will flow and the connection fails. Hence ensure
that the router (or
>some other router/firewall in the path) does not block
GRE.
>--
>Thanks,
>Sharoon
>---------------------------------------------------------
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
><anonymous@discussions.microsoft.com> wrote in message
>news:196b901c44cda$1d3d88d0$a101280a@phx.gbl...
>> You might have tried to answer my questions, but I am a
>> little lost with the acronyms that you are using.
>>
>> What are TSE and MMC? And how do I accomplish what you
>> are saying?
>>
>> I have Port 1723 forwarded to my server from a linksys
>> router, and according to linksys, that is all I need to
>> do for both GRE and PPTP?
>>
>> My configuration now has to be on the Server and the
>> Laptop/Workstation
>>
>> For my server, I figured running RAS is all I need to
do
>> and configuring the client I thought, should not be too
>> difficult, however, when you were talking about TSE and
>> MMC, do I get to them through the VPN connection as
well
>> and again, what do the acronyms stand for?
>>
>> Thanks a lot in advance.
>>
>> Ola
>>
>>
>> >-----Original Message-----
>> >Hi,
>> >
>> >Q1 : you need to open TCP port 1723 and Protocol 47
>> (GRE) ... which is not
>> >TCP port 47. GRE is at the same level as TCP not over.
>> >
>> >Q2:You can TSE one of you DC and add the user (or
remove
>> him) with the local
>> >MMC. In this case your policy will only authorize TSE
if
>> you are member of
>> >'remote VPN administrators' AD group... or use the MMC
>> installed on your
>> >machine, but I think that you will need to open RPC.
>> >
>> >With Windows 2003 you cannot say 'authorize RPC' ...
>> there is no application
>> >filter (ISA 2004 hase these kind of application
filter)
>> so you will need to
>> >open TCP 135 and highports.
>> >
>> >Hope it helps.
>> >
>> >FE
>> >
>> >
>> >"Ola" <anonymous@discussions.microsoft.com> wrote in
>> message
>> >news:190d901c44ca7$70d393a0$a301280a@phx.gbl...
>> >> Hello all,
>> >>
>> >> I am trying to setup a VPN for a small company of
10. I
>> >> also have the issue of high turnover of employees in
>> this
>> >> small company because income is commission based.
So I
>> am
>> >> trying to achieve two different things.
>> >>
>> >> 1. VPN access to the employees - They need access to
>> >> network data while on the road sometimes. I have
never
>> >> setup a VPN before, however, I have opened ports
1723
>> and
>> >> 47 on my router to allow PPTP to my server. So other
>> than
>> >> running RAS on the server and running VPN Client on
the
>> >> workstations, what else do I need. You should also
note
>> >> that the company is using a fractional T1 line, so
>> there
>> >> is no phone number to dial into. I have a netopia
>> R9100-T
>> >> Router with VPN capability.
>> >>
>> >> 2. I need to be able to add and delete users
remotely.
>> If
>> >> I am able to get to the server by resolving
question 1
>> >> above, would I be able to accomplish question 2, or
do
>> I
>> >> need more to be able to use Active Directory Users
and
>> >> Computers?
>> >>
>> >> Thanks in advance
>> >>
>> >> Ola
>> >>
>> >
>> >
>> >.
>> >
>
>
>.
>

Relevant Pages

  • Re: New VPN Setup
    ... What are TSE and MMC? ... I have Port 1723 forwarded to my server from a linksys ... do I get to them through the VPN connection as well ...
    (microsoft.public.win2000.ras_routing)
  • Re: VPN XP to SBS 2003 Connects ok but no files or folders displayed
    ... Is there a chance that the XP users IP address range at the remote location ... matches the internal IP range for the SBS network? ... I am trying to set up a VPN for our sales guys working from home. ... router but internal ip address to the server. ...
    (microsoft.public.windows.server.sbs)
  • Re: New VPN Setup
    ... TSE - Terminal Service/Remote Desktop ... MMC - Microsoft Mananagement Console ... > I have Port 1723 forwarded to my server from a linksys ... do I get to them through the VPN connection as well ...
    (microsoft.public.win2000.ras_routing)
  • Re: BE on internet
    ... tell your FE the BE is on a server? ... You cannot link to a file over the internet. ... be done over the internet with a VPN tunnel. ... app are at the remote location so that all data traffic ...
    (microsoft.public.access.tablesdbdesign)
  • Re: VPN Application Speed
    ... VPN" is and how its applied? ... fine and secure but the response time of the application is unacceptable. ... Currently only the Server location has a static IP address assigned ... and I'm wonder if a Static IP's at the remote location would speed things ...
    (microsoft.public.windowsxp.work_remotely)