RE: VPN connection not passing the password auth' stage.
- From: v-edtian@xxxxxxxxxxxxxxxxxxxx (Edward Tian)
- Date: Tue, 16 Aug 2005 01:51:52 GMT
Dear Leythos:
Thank you for your useful suggestions.
Generally speaking, The Generic Route Encapsulation (GRE) protocol is used
in conjunction with Point-to-Point Tunneling Protocol (PPTP) to create
virtual private networks (VPNs) between clients or between clients and
servers.
One thing I want to clarify is that GRE protocol is based on Internet
Protocol (IP) other than TCP/UDP, so if we forward TCP/UDP 47 from the
router to the SBS box, we may still not able to establish the VPN tunnel.
Here is a detailed article about GRE Protocol 47 Packet description and use.
http://support.microsoft.com/default.aspx?scid=KB;[LN];241251
We can also use PPTP Ping utility to determine whether any hardware router
or firewall is blocking GRE Protocol 47. If server side can receive the GRE
packet, it will come to the conclusion that the hardware router support
inbound PPTP session.
Have a nice day! :)
Best Regards
Edward Tian(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: Leythos <void@xxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| Subject: RE: VPN connection not passing the password auth' stage.
| Message-ID: <MPG.1d6a672c70d852c9989bbb@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <BF236594.D8B%mfoster1@xxxxxxxxxx>
<8qVC4TUoFHA.3472@xxxxxxxxxxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain; charset="iso-8859-15"
| Content-Transfer-Encoding: 7bit
| User-Agent: MicroPlanet-Gravity/2.60.2060
| X-Face:
A;M@wltH;y<_[X{sb87LCnwW0{GYN;Z<\@Q/T}aTqdjfj^J%XV3Om]F7_"(d:ajl~|a:@EF
| li/1j='OK"&W$2Z!)tCRWs}v2R*kIU,f~![aAN:!d(U"!VP7D74t`]z^ZlgC@b
| X-No-archive: yes
| Lines: 33
| Date: Mon, 15 Aug 2005 13:48:15 GMT
| NNTP-Posting-Host: 24.123.138.210
| X-Complaints-To: abuse@xxxxxx
| X-Trace: tornado.ohiordc.rr.com 1124113695 24.123.138.210 (Mon, 15 Aug
2005 09:48:15 EDT)
| NNTP-Posting-Date: Mon, 15 Aug 2005 09:48:15 EDT
| Organization: Road Runner High Speed Online http://www.rr.com
| Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
ne.de!news.glorb.com!newsfeed-east.nntpserver.com!nntpserver.com!newsfeed-we
st.nntpserver.com!news-west.rr.com!news.rr.com!news-server.columbus.rr.com!t
ornado.ohiordc.rr.com.POSTED!53ab2750!not-for-mail
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:144451
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| In article <8qVC4TUoFHA.3472@xxxxxxxxxxxxxxxxxxxxx>, v-
| edtian@xxxxxxxxxxxxxxxxxxxx says...
| > Hope it helps. I appreciate you taking time to perform the test. I look
| > forward to hearing from you. If you have anything unclear, please feel
free
| > to let me know, I am glad to be of assistance.
| >
| > Have a nice day, Mark! :)
| >
| > Best Regards
| > Edward Tian(MSFT)
| > Microsoft CSS Online Newsgroup Support
|
| Edward,
|
| Please update your scripted response to include the following:
|
| Many NAT Routers that do not properly support inbound PPTP can be made
| to support it by Port Forwarding TCP, UDP, or Both TCP/UDP 47 to the
| server.
|
| Some vendors suggest TCP other suggest TCP/UDP, and some vendors suggest
| different setups based on the firmware version.
|
| If GRE fails and you have a simple NAT router, try forwarding port 47
| (as shown above) to the server and attempting the PPTP connection again.
| If the combinations of "TCP" then "UDP" then "TCP/UDP" fail, then your
| router will not work for inbound PPTP sessions.
|
|
| --
|
| spam999free@xxxxxxxxxx
| remove 999 in order to email me
|
.
- References:
- VPN connection not passing the password auth' stage.
- From: Mark Foster
- RE: VPN connection not passing the password auth' stage.
- From: Edward Tian
- VPN connection not passing the password auth' stage.
- Prev by Date: Re: Disable RWW "Enable files or folders to be transferred between the remote computer and this computer"
- Next by Date: Re: New Install - DNS help please
- Previous by thread: RE: VPN connection not passing the password auth' stage.
- Next by thread: Re: VPN connection not passing the password auth' stage.
- Index(es):
Relevant Pages
|
