Re: VPN issue with SBS and Netgear FVS318
- From: Joe <joe@xxxxxxxxxxxxxx>
- Date: Fri, 29 Jul 2005 22:01:50 +0000
Bucket wrote:
Hi all. I have successfully set up a network where the clients can RWW (Remote Web Workplace) and Outlook Web Access successfully, but they would also like to VPN in and get access to drives and Outlook synchronisation through the VPN.
Ports that are open and forward on to the server are -
3389 (RDP), 80 (HTTP), 443 (HTTPS), 25 (SMTP), 1723 (PPTP / VPN),4125 (RWW)
and as stated the RWW works perfectly. We are able to connect with the Microsoft VPN client in the network connections but experience random dropouts. I have created a new VPN connection on my remote client and recieve error 721 - remote computer did not respond.
I have setup the VPN connection with defaults except for stipulating the domain name. The connection hangs on verifying username and password and I am using an account with Domain admin and the correct password.
The router had VPN settings which the client configured, but I have tested with and without them enabled and the same result happens. I also have the same issue connecting to my test server at home with a Netgear DG834 ADSL modem / firewall.
Is there a port I am missing on config for VPN? Do I have to setup IPsec passwords for basic Microsoft VPN? I don't want to purchase the Prosafe VPN client software just for basic VPN.
First of all, I know for sure the DG834 works. The thing you need to
enable and forward to SBS is called PPTP in the list of services. This includes port 1723/TCP and also the GRE protocol, which is part of PPTP.
IPSEC is an entirely different kind of VPN and is not involved here.
1723/TCP and GRE are all that the PPTP VPN need.
You can enable logging on firewall rules in the DG834. It doesn't tell you whether the rule allowed the connection or not, but if you have allowed and forwarded the service then you can assume that it was passed on. What you really need is similar logging at the client end, which will tell you whether replies are getting back or not.
One trap which may get you is IP addresses. The 192.168.0 and 192.168.1 subnets are often router defaults. If the same subnet exists at the client and SBS ends of the VPN, then routing will not work. Make sure all subnets are different.
If you get no connection at all, then it's something very basic. The port 1723 connection is the control channel for the VPN, the data is passed over GRE. It is possible for the VPN connection to be set up *and reported as being connected* without any GRE connection. As far as I can see, you're not even getting that far, which sounds like a firewall or routing issue at one end or other. .
- Prev by Date: Re: Motherboard for dual Opterons?
- Next by Date: Re: OWA is stalled "Loading" please help
- Previous by thread: Re: Motherboard for dual Opterons?
- Next by thread: Re: OWA is stalled "Loading" please help
- Index(es):
Relevant Pages
|
