RE: VPN's in SBS2003 using ISA.
- From: v-edtian@xxxxxxxxxxxxxxxxxxxx (Edward Tian)
- Date: Wed, 27 Jul 2005 01:33:45 GMT
Hi Victor:
Thank you for your reply, glad to see you again. :-)
You can send your information directly to my mailbox: v-edtian@xxxxxxxxxxxxx
By the way, have you tried the two steps I provided last time? What's the
result?
For your convenience, I paste the steps below:
==========
1. To determine whether the failure is caused by your local router, you can
do the following steps:
a. Please temporarily place a client directly connected to the external NIC
of the SBS Server. You can connect the external network adapter of the SBS
Server to a simple hub and connect the client to the same hub.
b. Manually configure the TCP/IP settings on the client computer to be on
the same subnet as the external network adapter of the SBS Server.
c. Turn off the Firewall Client on the client computer.
d. Configure the VPN connection on the client and do a VPN test.
If it works, we can make sure the issue is caused by the router. You should
contact the router vendor to gain more information about how to configure
the router.
If the problem still persists, it may be caused by incorrect SBS Server
configuration. You can refer to the following URL for more information:
How To Install and Configure a Virtual Private Network Server in Windows
Server 2003
http://support.microsoft.com/?id=323441
2. Also, you can use PPTP Ping to test if 1723 port and GRE protocol are
allowed to pass through. To do so:
a. Please run Pptpsrv.exe on the server side.
b. Run Pptpclnt.exe [ServerNameorIPaddress] on remote client.
c. When prompted by Pptpclnt.exe, type some text to send to Pptpsrv.exe,
and then click Enter.
d. You will see the text received at the host running Pptpsrv.exe. Then you
will see five GRE packets sent from Pptpclnt.exe and received at
Pptpsrv.exe.
Provide me with the output for reference.
NOTE: PPTP Ping tools (Pptpclnt and Pptpsrv) exist in Windows XP support
tools. For your convenience, I have attached the file within this reply.
NOTE: You should stop the Routing and Remote Access service on the RRAS
(VPN) server so that PPTPSRV can bind to port 1723
Basically, we will use PPTP Ping utility to determine whether any hardware
router or firewall is blocking GRE Protocol 47. The router must be able to
pass Generic Route Encapsulation (GRE) protocol 47 for PPTP traffic to
connect correctly to use VPN. When a cable/DSL router cannot map GRE
protocol 47 to the Routing and Remote Access server, you cannot connect to
the server from the Internet.
============
I look forward to your update. If anything is unclear, please feel free to
let me know. I am glad to be of assistance.
Have a nice day, Victor!:)
Best Regards
Edward Tian(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: VPN's in SBS2003 using ISA.
| thread-index: AcWRxvj43CWUd4J3Sji6sAg197RSXg==
| X-WBNR-Posting-Host: 213.84.205.197
| From: "=?Utf-8?B?VmljdG9yIEhlaWprZQ==?="
<VictorHeijke@xxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <34E41478-4A48-44FC-AFA7-D6CEFAAE69E2@xxxxxxxxxxxxx>
<3g4oxRthFHA.940@xxxxxxxxxxxxxxxxxxxxx>
<LyGZNz4iFHA.3120@xxxxxxxxxxxxxxxxxxxxx>
<0395B391-A86C-4C52-8A4C-F3B7B1D79C0D@xxxxxxxxxxxxx>
| Subject: RE: VPN's in SBS2003 using ISA.
| Date: Tue, 26 Jul 2005 02:47:01 -0700
| Lines: 98
| Message-ID: <70910A36-5E06-4F88-A27C-027EB29EC3C0@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:138766
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Mmmh, That's an anti-spam address?
| I could not sent it.
| Can you contact me on our e-mail address info @ flores.nl. I want to send
| you the network structure.
|
| Thanks in advance
| Victor
|
|
|
| "Victor Heijke" wrote:
|
| > Hi Edward,
| > I sent you en e-mail, since I wanted to give you more information on
our
| > network.
| >
| > Thanks Victor
| >
| > "Edward Tian" wrote:
| >
| > > Hi Victor:
| > > Thank you for your reply :)
| > >
| > > Since the VPN from internal client is success, we may need to find
out
| > > where the root cause is.
| > > 1. To determine whether the failure is caused by your local router,
you can
| > > do the following steps:
| > > a. Please temporarily place a client directly connected to the
external NIC
| > > of the SBS Server. You can connect the external network adapter of
the SBS
| > > Server to a simple hub and connect the client to the same hub.
| > > b. Manually configure the TCP/IP settings on the client computer to
be on
| > > the same subnet as the external network adapter of the SBS Server.
| > > c. Turn off the Firewall Client on the client computer.
| > > d. Configure the VPN connection on the client and do a VPN test.
| > > If it works, we can make sure the issue is caused by the router. You
should
| > > contact the router vendor to gain more information about how to
configure
| > > the router.
| > > If the problem still persists, it may be caused by incorrect SBS
Server
| > > configuration. You can refer to the following URL for more
information:
| > > How To Install and Configure a Virtual Private Network Server in
Windows
| > > Server 2003
| > > http://support.microsoft.com/?id=323441
| > >
| > > 2. Also, you can use PPTP Ping to test if 1723 port and GRE protocol
are
| > > allowed to pass through. To do so:
| > > a. Please run Pptpsrv.exe on the server side.
| > > b. Run Pptpclnt.exe [ServerNameorIPaddress] on remote client.
| > > c. When prompted by Pptpclnt.exe, type some text to send to
Pptpsrv.exe,
| > > and then click Enter.
| > > d. You will see the text received at the host running Pptpsrv.exe.
Then you
| > > will see five GRE packets sent from Pptpclnt.exe and received at
| > > Pptpsrv.exe.
| > > Provide me with the output for reference.
| > > NOTE: PPTP Ping tools (Pptpclnt and Pptpsrv) exist in Windows XP
support
| > > tools. For your convenience, I have attached the file within this
reply.
| > > NOTE: You should stop the Routing and Remote Access service on the
RRAS
| > > (VPN) server so that PPTPSRV can bind to port 1723
| > > Basically, we will use PPTP Ping utility to determine whether any
hardware
| > > router or firewall is blocking GRE Protocol 47. The router must be
able to
| > > pass Generic Route Encapsulation (GRE) protocol 47 for PPTP traffic
to
| > > connect correctly to use VPN. When a cable/DSL router cannot map GRE
| > > protocol 47 to the Routing and Remote Access server, you cannot
connect to
| > > the server from the Internet.
| > >
| > > Hope it helps. I appreciate you taking time to perform the test. I
look
| > > forward to hearing from you. If you have anything unclear, please
feel free
| > > to let me know, I am glad to be of assistance.
| > > Have a nice day, Victor! :)
| > >
| > > Best Regards
| > > Edward Tian(MSFT)
| > > Microsoft CSS Online Newsgroup Support
| > >
| > > Get Secure! - www.microsoft.com/security
| > > ======================================================
| > > This newsgroup only focuses on SBS technical issues. If you have
issues
| > > regarding other Microsoft products, you'd better post in the
corresponding
| > > newsgroups so that they can be resolved in an efficient and timely
manner.
| > > You can locate the newsgroup here:
| > > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| > >
| > > When opening a new thread via the web interface, we recommend you
check the
| > > "Notify me of replies" box to receive e-mail notifications when there
are
| > > any updates in your thread. When responding to posts via your
newsreader,
| > > please "Reply to Group" so that others may learn and benefit from
your
| > > issue.
| > >
| > > Microsoft engineers can only focus on one issue per thread. Although
we
| > > provide other information for your reference, we recommend you post
| > > different incidents in different threads to keep the thread clean. In
doing
| > > so, it will ensure your issues are resolved in a timely manner.
| > >
| > > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > > check http://support.microsoft.com for regional support phone numbers.
| > >
| > > Any input or comments in this thread are highly appreciated.
| > > ======================================================
| > > This posting is provided "AS IS" with no warranties, and confers no
rights
|
.
- References:
- VPN's in SBS2003 using ISA.
- From: Victor Heijke
- RE: VPN's in SBS2003 using ISA.
- From: Edward Tian
- RE: VPN's in SBS2003 using ISA.
- From: Edward Tian
- RE: VPN's in SBS2003 using ISA.
- From: Victor Heijke
- RE: VPN's in SBS2003 using ISA.
- From: Victor Heijke
- VPN's in SBS2003 using ISA.
- Prev by Date: Re: XP Home access Internet through SBS 2003 Standard server?
- Next by Date: Re: SBS Turn-Key Operation
- Previous by thread: RE: VPN's in SBS2003 using ISA.
- Next by thread: RE: VPN's in SBS2003 using ISA.
- Index(es):
Relevant Pages
|
Loading
