SBS 2003/VPN - Error 721

Hi

Here is a repost of a VPN Problem I am desperate to solve. I'm
keeping this concise as possible. Please coudl you take the time to
look this over?

I have a SBS 2003 server (not running ISA server). I also have another
server running ISA 2000 which links via external network card to an
ADSL router, which in turn goes to my ISP and the Internet.

I simply cannot get an XP client to connect via VPN through the
Internet (by running "Connect to Small Business Server icon" set up
via a remote connection disk). All I get is error 721.

UNSUCCESSFUL TESTS COMPLETED:

* I can't log onto the VPN via clients external network interface
(which links to another ADSL router/Internet). Error 721.

* I have plugged the client's external network card directly into the
external network card of the ISA Server. No change in behavior. Error
721

SUCCESSFUL TESTS COMPLETED:

I can log onto the VPN internally (using PDC internal network IP
address, and internal network card).

>>From the client I can Telnet port 1723 via the external network and
routers.

I have successfully tested GRE using pptpclnt.exe on the client and
pptsrv.exe on the server via the external network and routers.

MY CONFIGURATION SO FAR:

ISA Server:

* Added an extra static IP address (allocated from ISP) to External
network card for VPN use.
* Created Protocol definition for GRE, 47, Inbound.
* Created Protocol definition for PPTP, 1723 Inbound
* Published SBS internal network interface IP address to allocated
external VPN IP address. I'm only allowing GRE and PPTP protocols
through in this instance.

* ISA Packet Filters on allocated External VPN IP Address:
- UDP, Direction = Both, Local Port = 500, Remote Port = 500
- UDP, Direction = Both, Local Port = 1701, Remote Port = 1701
- PPTP call, 47, Direction = Both
- ICMP unreachable, ICMP. Inbound, ICP Type =3, ICMP Code = All codes

SBS Server:

* Ran remote access wizard, assigned VPN IP address I allocated for the
ISA Server box.
* Added user to "mobile users" security group.

Windows XP (SP2) Client:

* Note Internet is working fine via external network card.
* VPN was installed via a remote connection disk created on the SBS
2003 server.
* No Internal firewall used when testing.

Please can I have your thoughts on how I can get this thing working?

Many thanks!

Alex

.

Relevant Pages

  • RE: VPN Issue
    ... 317025 You Cannot Connect to the Internet After You Connect to a VPN Server ... | first done with a standard usb broadband modem on XP Professional. ...
    (microsoft.public.windows.server.sbs)
  • Re: Sometimes it works sometimes it doesnt (VPN data issues)
    ... NIC1 "Internet" is set to ... (the IP of the external firewall) and the DNS is set to ... A connection between the VPN server and the VPN client xxx.xxx.xxx.xxx ...
    (microsoft.public.windows.server.networking)
  • RE: VPN Error code 800 HELP!
    ... Can you visit Internet and OWA on SBS server? ... Just one PC get error code 800 connecting VPN connecting to SBS? ...
    (microsoft.public.windows.server.sbs)
  • RE: Sharing VPN client connection
    ... as a VPN server, configure the internal clients to connect the remote ... office by VPN connection and then access to the Internet from the Remote ... Enable internal clients to access the Internet. ... On the server, go to My Network Places, click New Connection Wizard. ...
    (microsoft.public.windows.server.sbs)
  • Re: The OTHER problem with Netgear WGT624 (and probably others)
    ... |>|>Isolated network zone, enforced by router and firewall rules. ... My preferred solution is to put the server behind ... |>| authenticated VPN and blocks all outbound connections. ... |>How does VPN help an office connect to the internet? ...
    (alt.internet.wireless)