Re: VPN connections

From: Robin Walker (rdhw_at_cam.ac.uk)
Date: 11/13/04

• Next message: gyrocam1: "Re: VPN connections"
• Previous message: Lanwench [MVP - Exchange]: "Re: VPN Folder Sharing"
• In reply to: gyrocam1: "VPN connections"
• Next in thread: gyrocam1: "Re: VPN connections"
• Reply: gyrocam1: "Re: VPN connections"
• Messages sorted by: [ date ] [ thread ]

---

Date: Sat, 13 Nov 2004 16:53:09 -0000

"gyrocam1" <gyrocam1@discussions.microsoft.com> wrote in message
news:B8D4629C-A5A4-46E5-875F-5CF2A1DFDC95@microsoft.com
>
> I am trying to set up a vpn connection between my home (laptop
> dynamic IP) and my office (pc static IP).

Are you trying to make a VPN with PPTP or with L2TP?

> Both machines are running
> windows xp pro sp2. The office machine is behind a Linksys router and
> has port forwarding to the if address of the PC enabled.

Which ports are forwarded? The required ports are different depending on
whether you are trying PPTP or L2TP. For PPTP you need to forward TCP port
1723, plus IP protocol number 47 (known as GRE). On a Linksys, forwarding
GRE is usually enabled by enabling "PPTP pass-through". However, depending
on which model of Linksys router you have, PPTP pass-though is broken on
certain firmware versions, and incoming PPTP connections cannot be made.

With L2TP/IPSec, you need to forward UDP ports 1701, 500, and 4500, and
enable "L2TP pass-through". But setting up an L2TP server is non-trivial on
the IPSec side.

> Windows
> firewall is configured to allow VPN and rdc and indeed I can connect
> no problem using RDC. When I try to establish a vpn I get as far as
> logon name and password veryfication and then everything stops. I
> have a feeling it may be something to do with authentication
> prorocols but I don't know enough about how to configure
> IPsec/certificates/MS-Chaps v2 blah blah blah.

If you are trying L2TP/IPSec, then see
http://support.microsoft.com/default.aspx?scid=kb;en-us;885407 because your
L2TP server is behind a NAT router.

-- 
Robin Walker
rdhw@cam.ac.uk 

---

• Next message: gyrocam1: "Re: VPN connections"
• Previous message: Lanwench [MVP - Exchange]: "Re: VPN Folder Sharing"
• In reply to: gyrocam1: "VPN connections"
• Next in thread: gyrocam1: "Re: VPN connections"
• Reply: gyrocam1: "Re: VPN connections"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: VPN server ... PPTP is encrypted, you can use L2TP without certificates. ... You can use a pre-shared key instead of a certificate for L2TP/IPSec ... Well you have to configure the RRAS VPN service (see buiilt-in Help* or ... (microsoft.public.windows.server.active_directory) Re: Linksys router settings ... I had a Linksys router not function like this when I had PPTP and IPSec ... > POrt Range: I've inserted these in when they weren't showing on the UPnP ... >> when set up incoming VPN connection on SBS 2003. ... (microsoft.public.windows.server.sbs) Re: RDP over VPN between two XP Pro machines ... there is no way to change the PPTP VPN port. ... > obscure port and then forward to my internal workstation on the standard RDP ... (microsoft.public.windowsxp.work_remotely) Re: VPN server ... You have to choose either/both PPTP or L2TP (which uses IPSec) for the ... (Dial-in tab even though this is VPN) ... (microsoft.public.windows.server.active_directory) Re: Can you change the default VPN port on server 2003 and XP clients? ... There's no way to change the PPTP port. ... Normally, when your computer makes a VPN connection, your computer's default gateway is changed to the IP address of the VPN server. ... as it prevents your computer from being misused as a kind of router between the remote network and the Internet. ... Then you could make multiple PPTP connections from your computer. ... (microsoft.public.windows.server.networking)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)