Re: Windows 2003 VPN won't respond to packets forwarded by Linux router

From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 07/28/04 

Date: Wed, 28 Jul 2004 21:29:04 +0200

Hi Steve,

did you check how your IP filters are setup on external network card on
Win2K3 server? Do you have correctly marked external and internal network
cards (IP filters are different for external or internal card!)

Are clients trusting the certificates that you issued? If you think the
problem is in certificates, use MS CHAP v2 for test, till it works with MS
CHAP v2 then switch to certificates.

Mike

"Steve Protter" <anonymous@discussions.microsoft.com> wrote in message
news:5d6c01c474b3$422908d0$a501280a@phx.gbl...
> My front end to the Internet is Linux. For a while I had
> forwarded VPN traffic to a Windows 2000 Pro workstation.
> But it only allowed one vpn connection.
>
> So we got Windows 2003 Server put it in the same ip
> address and went through the standard vpn configuration.
> No response to the packets or a 781 error, complaining
> about a missing certificate.
>
> We issued our own certificate and ran packet dumps, but
> the server simply does not respond. See this thread for
> details:
> http://forums1.itrc.hp.com/service/forums/questionanswer.do
> ?threadId=624076
>
> Mentioned articles here are:
> http://support.microsoft.com/default.aspx?scid=kb;en-
> us;247231
>
> and
>
> http://support.microsoft.com/default.aspx?scid=kb;en-
> us;329858
>
> Seems like we have a problem with Windows 2003 server.
> I've disabled the firewall completely but it doesn't want
> to respond to authentication requests. I simply don't
> believe the VPN clients complaint about a certificate
> being missing. You have to respond to the packets and this
> box simply won't do that. I've proven that with packet
> dumps. Because the VPN forwarding scheme did work with
> 2000 Pro, the problem seems to be the W2K3 box.
>
> Also, note that on the internal network, VPN connections
> work just fine.
>
> SEP
>
>

Relevant Pages

  • Re: Secure VPN access
    ... with it's security option for the client. ... After getting the VPN connection I check the Ip settings and found the ... point to the head ISP's DNS server. ... > Computer certificates for L2TP/IPSec VPN connections ...
    (microsoft.public.windows.server.sbs)
  • RE: VPN Problem, PC not Authenticating with Server
    ... is the VPN server, SBS or router? ... Regarding the configuration of L2TP VPN, please also refer to the following ... 818043 L2TP/IPsec NAT-T update for Windows XP and Windows 2000 ... Computer certificates for L2TP/IPSec VPN connections ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN Problem, PC not Authenticating with Server
    ... do you mean you have configured L2TP/IPSec VPN ... is the VPN server, SBS or router? ... 818043 L2TP/IPsec NAT-T update for Windows XP and Windows 2000 ... Computer certificates for L2TP/IPSec VPN connections ...
    (microsoft.public.windows.server.sbs)
  • Re: Windows 2K RRAS VPN on DMZ cant authenticate users
    ... Internal network, it's then controlled via ACL's to allow only that server ... DMZ can see the LAN in certain circumstances, ie doing what I'm doing, ... It's a Remote Access VPN with clients connecting to it using PPTP nothing ...
    (microsoft.public.win2000.networking)
  • Re: IAS / RRAS
    ... Install Certificate services ... Configure the VPN connectoid and set it for l2tp connections? ... So you may want to try to do without the IAS server until problems ... > are resolved to rule it out as a problem.As far as certificates, ...
    (microsoft.public.windows.server.networking)