RE: another VPN problem, arror 721/800
- From: "Raymond" <Raymond@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 14 Jun 2005 13:08:09 -0700
Hi Nathan,
Thanks for responding. See my comments on your questions please. Hopefully
that will give you an idea. I'm stuck here.
"Nathan Liu [MSFT]" wrote:
> Hello Raymond,
>
> Thank you for posting in the SBS newsgroup.
>
> According to your description, I understand that you received the error
> message 721/800 when you try to access the SBS Server via VPN. If I have
> misunderstood your concern, please don't hesitate to let me know.
>
> To narrow down this issue, please answer and perform the following
> questions and steps below:
>
> 1. As you mentioned, you got it running a long time ago with an XP SP1
> machine, but now you cannot correctly use VPN on an other Windows XP SP2.
> Please try to disable the Windows Firewall on the Windows XP SP2 computer
> and any other third-party firewall softwares, then try again. Please check
> if the issue can be re-produced.
I don't know how to disable the XP2 firewall. I have installed XP Pro SP1 on
another laptop. I'm testing it within my LAN. When i use the VPN connection,
where in the config my public IP address is stated(the 1 you would use when
your remote) both won't work. When i create another VPN connection where i
won't state my public IP address but just the internal name of the SBS
server, then it's no problem. The VPN connection is running.
>
> 2. Please use more computers to test if it correctly work at internal or
> external.
>
> 3. Since you received the error message 721, the error 721 means that your
> router or ADSL Modem is not passing through the GRE-protocol (47) to your
> server. Please double-check this configuration. In addition, I suggest you
> need to upgrade the ADSL Modem firmware, and then try again. Please check
> if the issue can be re-produced.
I update the firmware a while ago. Latest firmware.
>
> 4. There are two NIC installed on the SBS server. If you directly connect
> a workstation to the external NIC, manually configure the IP address of
> workstation (make sure that the workstation IP and the server external IP
> are in the same subnet) and then manually create a VPN dial entry. Can you
> establish the VPN session?
I have done this with the config with the public IP address and after 1 sec
it said error 800.
>
> 5. Please refer to the following information to check the ADSL Modem
> configuration:
>
> Generally speaking, the following ports should be opened:
>
> TCP 25 This port is used for incoming SMTP traffic. If you are using POP3
> connector, it's not necessary to open this port.
> TCP 110 This port is used for POP3 mail clients. If there is no external
> POP3 mail user, it's not necessary to open this port.
> TCP 443 SSL for OWA, RWW sites
> TCP 444 SSL for Companyweb
> TCP 4125 Remote Web Workplace
> TCP 3389 Terminal services
> TCP 1723 PPTP VPN connection
> GRE port (protocol number 47) This port is used for incoming PPTP VPN
> connection.
All those ports are open, except port 110.
>
> 6. We also can use the PPTP Ping tool included in Windows XP Support tools
> to check whether the ports are opened to allow VPN connection. You can find
> Windows XP support tool from the "Support\Tools" folder in the Windows XP
> CD.
I found them and i ran the pptpsrv on the server but i got an error, 10048,
address already in use.
>
> a) Get two utilities pptpsrv.exe and pptpclnt.exe from the Windows XP
> support tools.
>
> b) Run the pptpsrv.exe utility on the SBS server.
>
> c) Run the pptpclnt.exe utility on the problem Windows XP
> Professional-based computer. I assume that the IP address of the VPN server
> is 202.123.123.1, you need to run the command "pptpclnt 202.123.123.1".
>
> d) Input a string to perform a test.
>
> Both utilities can check if the TCP 1723 is opened on all devices from
> computer A and computer B. They can also check if IP Protocol 47 can be
> transferred from the computer A and computer B.
>
> In addition, I suggest that you refer to the following KB articles to check
> this issue:
>
> 319108 Error Message: VPN Connection Error 800: Unable to Establish
> Connection
> http://support.microsoft.com/?id=319108
>
> 888201 You receive an "Error 721" error message when you try to establish a
> VPN
> http://support.microsoft.com/?id=888201
>
> 241251 VPN Tunnels - GRE Protocol 47 Packet Description and Use
> http://support.microsoft.com/?id=241251
>
> How to configure a connection to a virtual private network (VPN) in Windows
> XP
> http://support.microsoft.com/default.aspx?kbid=314076
>
> 825763 How to configure Internet access in Windows Small Business Server
> 2003
> http://support.microsoft.com/?id=825763
>
>
> If the issue still persists, please help me collect the following
> information for further troubleshooting:
>
> 1. Please help me describe the network topology in detail.
>
> 2. Please locate the Icwdetails.htm file from
> %sbsprogramdir%\Networking\ICW folder, copy all contexts in the file and
> paste it in your reply.
>
>
> I'm looking forward to your update. If you have any questions or concerns,
> please do not hesitate to let me know. I am always happy to be of further
> assistance.
>
> Best regards,
>
> Nathan Liu (MSFT)
> Microsoft CSS Online Newsgroup Support
> Get Secure! - www.microsoft.com/security
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> --------------------
> >Thread-Topic: another VPN problem, arror 721/800
> >thread-index: AcVwVcqCzdwe9Nq4TOuZ4o/p8ebeqA==
> >X-WBNR-Posting-Host: 80.127.28.146
> >From: "=?Utf-8?B?UmF5bW9uZA==?=" <Raymond@xxxxxxxxxxxxxxxxxxxxxxxxx>
> >Subject: another VPN problem, arror 721/800
> >Date: Mon, 13 Jun 2005 13:23:42 -0700
> >Lines: 15
> >Message-ID: <49E17FEA-CBB3-4926-85E7-8140743CA3DD@xxxxxxxxxxxxx>
> >MIME-Version: 1.0
> >Content-Type: text/plain;
> > charset="Utf-8"
> >Content-Transfer-Encoding: 7bit
> >X-Newsreader: Microsoft CDO for Windows 2000
> >Content-Class: urn:content-classes:message
> >Importance: normal
> >Priority: normal
> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> >Newsgroups: microsoft.public.windows.server.sbs
> >NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
> >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:126979
> >X-Tomcat-NG: microsoft.public.windows.server.sbs
> >
> >Hi all,
> >
> >Again someone with that 721/800 vpn problem :(
> >
> >I have a speedtouch 510i adsl modem. Port 1723 is forwarded to my ext NIC.
> >Via telnet, nat create, i added protocol GRE to the modem. I ran the CEICW
> >again, selected VPN, and also the RRAS wizard. I tried to run VPN inside
> the
> >LAN and it didnt work. I didnt work remotely as well. Anyone with another
> >pointer what to do? Laptop is Windows XP SP2. SBS is standard edition. I
> got
> >it running a long time ago with an XP SP1 machine.
> >
> >Thanks,
> >Raymond
> >
> >
> >
>
>
.
- Follow-Ups:
- RE: another VPN problem, arror 721/800
- From: Nathan Liu [MSFT]
- RE: another VPN problem, arror 721/800
- References:
- another VPN problem, arror 721/800
- From: Raymond
- RE: another VPN problem, arror 721/800
- From: Nathan Liu [MSFT]
- another VPN problem, arror 721/800
- Prev by Date: Re: Using USB Flash Drives With SBS
- Next by Date: Re: SSL & SBS 2003 Std
- Previous by thread: RE: another VPN problem, arror 721/800
- Next by thread: RE: another VPN problem, arror 721/800
- Index(es):
Relevant Pages
|
