Re: VPN setup with static IP. How?

From: Galop (Galop_at_discussions.microsoft.com)
Date: 02/04/05 

Date: Fri, 4 Feb 2005 13:39:01 -0800

I think something is mis understood. It is like this.

W2K server with two nics. 192.168.16.2 is internal LAN and 192.168.1.10 is
for external WAN. this external nic is connected to LinkSys router and the
WAN port of this rouetr is connected to DSL modem's RJ45. DSL modem connects
to ISP. The ISP has allocated us a static IP 68.236.x.y which is configured
on the WAN port of the LinkSys router.

After reading Robert's input, I have also opened the ports 1723, 50, 51 for
TCP and 1701, 500 for UDP. Still I get the same error.

"Bill Grant" wrote:

> You say that your server has two NICs, both with private IP addresses.
> What device has the public IP?
>
> From your home machine, you can only connect to a public IP through the
> Internet. To make a VPN connection to a device with a private IP, you must
> forward the required port (tcp port 1723 for pptp) from the device with the
> public IP to your RRAS server's private IP. The client reaches the public IP
> through the Internet, and port forwarding extends the link to the machine on
> the private LAN.
>
> "Galop" <Galop@discussions.microsoft.com> wrote in message
> news:4E6940BB-1049-42AA-AAD7-DDB51837E372@microsoft.com...
> > Robert,
> >
> > I could not locate a solution for my issue on the link provided by you.
> >
> > The error I get, when trying to VPN connection is:
> >
> > "Error800: Unable to establish the VPN connection. The VPN server may be
> > unreachable, or security parameters may not be configured properly for
> > this
> > connection".
> >
> > I get error if I provide my VPN server address is 68.236.x.y (static IP,
> > configured on the router). I can ping to this ip successfully.
> >
> > I donot get any error if I provide my VPN server address as 192.168.16.2
> > OR
> > 192.168.1.10 (Two Nic cards of my server).
> >
> > "Robert L [MS-MVP]" wrote:
> >
> >> you may need open the ports on the router. quoted from
> >> http://www.howtonetworking.com/vpnsetup.htm
> >> Which ports need to be opened for running VPN
> >>
> >> A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port
> >> 1701;
> >> IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a protocol
> >> number and not TCP port. The protocol name is GRE. It'll make a big
> >> difference when configuring your firewall or router.
> >>
> >> Don't send e-mail or reply to me except you need consulting services.
> >> Posting on MS newsgroup will benefit all readers and you may get more
> >> help.
> >>
> >> Bob Lin, MS-MVP, MCSE & CNE
> >> How to Setup Windows, Network, Remote Access on
> >> http://www.HowToNetworking.com
> >> Networking, Internet, Routing, VPN Troubleshooting on
> >> http://www.ChicagoTech.net
> >> This posting is provided "AS IS" with no warranties.
> >> "Galop" <Galop@discussions.microsoft.com> wrote in message
> >> news:0B35BC5E-67D7-4CFA-B251-83AED9F629D8@microsoft.com...
> >> >I have W2K server connected to internet over DSL. The ISP has provided
> >> > 68.236.x.y static address. I have configured this all as per
> >> > http://www.smallbizserver.net/Default.aspx?tabid=52 (but without a ISA
> >> > server). All is fine.
> >> >
> >> > I want to connect my home Laptop to this server over VPN/internet to
> >> > share
> >> > the resources by "Map network drive" option. My home computer is an XP
> >> > and
> >> > connects internet via a cable modem. I can ping my server's IP address.
> >> > But
> >> > unable to connect to it over VPN client setup.
> >> >
> >> > I have perfomed the same test successfully with my Laptop in the office
> >> > and
> >> > the VPN server address is set to local 192.168.10.z I guess, the static
> >> > IP
> >> > on
> >> > the Linksys router is not passing the traffic to Servers' Internal NIC?
> >> > Any
> >> > suggestions how to resolve this?
> >>
> >>
> >>
>
>
>

Relevant Pages

  • Re: FTP versus Copy
    ... Remember he said over a WAN. ... Swen Internet worm to visit you. ... itself to UseNet News Groups as well as it has its own email engine. ... |>best option for copying these files to the central site? ...
    (microsoft.public.win2000.general)
  • Re: Public IP Address for Remote Access
    ... for wan access to your home pc you are better off using ... with vnc there are lots of things to do if you want a secure connection. ... home a internet provider that has dynamic ip addressing. ... router to the particular pc on you lan (note that all of the pcs on your lan ...
    (alt.sys.pc-clone.dell)
  • Re: Unable to reach POP server
    ... I have actually already set up a rule to redirect all WAN ... Running Outlook as a regular Exchange client is great when inside on the LAN ... I'm not saying there aren't ways to run MAPI over the Internet, ...
    (microsoft.public.windows.server.networking)
  • Re: Network Design
    ... I connect to the internet at present via the SOHO TC 6 then the ADSL ... The soho TC 6 passes smtp etc to the WAN NIC. ... I recommend going to the single NIC deployment, where the firewall has ...
    (microsoft.public.windows.server.sbs)
  • Re: DHCPCD on an internal LAN
    ... your Internet connected machine and run IP masquerading to route the ... And, each internal LAN ... configuring everything with static IPs as I currently have things. ... is dnsmasq the tool for the job. ...
    (alt.os.linux)