RE: VPN Connection Problem
- From: v-natliu@xxxxxxxxxxxxxxxxxxxx ("Nathan Liu [MSFT]")
- Date: Fri, 26 Aug 2005 14:52:02 GMT
Hi Bryon,
Thank you for your reply.
To narrow down this issue, please perform the below steps:
1. As you mentioned, since you cannot make a VPN connection over your
local network now, please re-run the CEICW and Remote Access Wizard to
re-check the settings. Since your received an error when you are running
the CEICW to configure the Firewall section, please also re-check if the
Firewall support UPnP, the CEICW can automatically configure the supported
UPnP firewall. Additionally, please do a screen capture of this error, and
then attach it in your reply. If it does not support UPnP, you must
manually configure it. You may need to contact your hardware vendor to
require help.
825763 How to configure Internet access in Windows Small Business Server
2003
http://support.microsoft.com/?id=825763
2. I have checked the testing result, the TCP Port 1723 correctly open,
but the GRE Protocol 47 does not pass the PPTP testing. Actually, this
issue is caused by your hardware router does not permit Generic Routing
Encapsulation (GRE) protocol traffic. PPTP uses GRE for tunneled data. To
resolve this issue, simply edit your router to allow GRE 47 protocol. You
may also need to contact your hardware vendor to ensure the port for GRE 47
is opened.
For more information:
888201 You receive an "Error 721" error message when you try to establish a
VPN
http://support.microsoft.com/?id=888201
I am appreciated your time and cooperation. If anything is unclear, please
feel free to let me know. I am looking forward to hearing from you.
Best regards,
Nathan Liu (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>Thread-Topic: VPN Connection Problem
>thread-index: AcWpANZCtffl6ciMQZGPX2qg+l9Bag==
>X-WBNR-Posting-Host: 209.181.6.73
>From: =?Utf-8?B?QnJ5b24gVmFzc2Vu?= <BryonVassen@xxxxxxxxxxxxxxxxxxxxxxxxx>
>References: <1B30173E-B546-475D-BA2B-837F772E0D27@xxxxxxxxxxxxx>
<pT69OHIqFHA.472@xxxxxxxxxxxxxxxxxxxxx>
>Subject: RE: VPN Connection Problem
>Date: Wed, 24 Aug 2005 16:09:10 -0700
>Lines: 234
>Message-ID: <88D7BFA0-6FDB-4EDF-BA23-F85C2B0A7B25@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:147530
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Thanks for getting back with me Nathan and here is what I have found.
>
>1. I cannot make a VPN connection over my local network now. I was able
to
>make VPN connections over my LAN in the past couple of days but something
>obviously has changed. When I have been trying to figure this out, I make
a
>change to test and if it doesn't work I reverse the change to what is was
>before.
>
>2. Here is what happened on each end:
>
>Server
>C:\>pptpsrv.exe
>
>Error 10048 binding Socket:
>WSAEADDRINUSE: Address already in use
>
>Created socket for GRE protocol test
>
>Listening on PROTOCOL 47 for incoming GRE packets...
>
>Windows XP SP2 Client
>C:\Program Files\Support Tools>pptpclnt.exe billings1
>
>Initializing WinSock...
>Obtaining host information...
>Successfully resolved server's host information
>
>======================================
>Enter data to send to server (between 1 and 255 chrs.), then hit enter:
>-->help me
>
>Successfully connected to server using TCP port 1723 (PPTP)
>Sending data to server
>
>Waiting for a reply to the data which was just sent...
>Received a reply. Reply contains the following text:
>--->
>
>=================================
>Connectivity test to TCP Port 1723 was successful!!!
>Closing down socket...
>=================================
>
>Creating a socket to test GRE protocol traffic...
>
>Total GRE packets sent = 1
>Total GRE packets sent = 2
>Total GRE packets sent = 3
>Total GRE packets sent = 4
>Total GRE packets sent = 5
>
>=====================================
>Check server to see if the GRE packets were received successfully
>=====================================
>
>Closing down socket
>
>Goodbye!
>
>Nothing is received on the server end.
>
>3. I was unable to create a connection. It gets to username and password
>but then I get error 721 after 30 seconds.
>
>4. I reran CEICW and made sure the VPN connection was checked in the
>Firewall section but everytime it goes to configure I get an error on the
>firewall. Everything else takes just fine.
>
>5. I didn't bother to update my firmware as of yet because I figured the
>issues above were the problem since I was able to create a VPN connection
>before with the same router and settings.
>
>Thanks again for your help, I hope we can figure this out as I'm going
nuts.
>
>Bryon
>
>""Nathan Liu [MSFT]"" wrote:
>
>> Hello Bryon,
>>
>> Thank you for posting in the SBS newsgroup.
>>
>> According to your description, I understand that you have some problems
>> with VPN connection in the SBS 2003 Server network environment. If I
have
>> misunderstood your concern, please don't hesitate to let me know.
>>
>> Let's first focus on the first problem, after it is resolved, we will
>> continue to work on the second problem. Thanks for your understanding.
>>
>> 1. To determine if this is the router issue or the SBS issue, I suggest
>> you create a VPN connection on one of your internal client and check if
it
>> can connects to the SBS server. If it connects to the server through a
VPN
>> connection fine, this should be the router networking issue. I would
>> suggest you check if TCP port 1723 and Generic Route Encapsulation (GRE)
>> (Protocol 47) are opened.
>>
>> 2. Error 721 is usually caused by firewalls'' not passing through GRE
>> packets. We can verify if the GRE packets is blocked by using the PPTP
Ping
>> utilities. Stop the Routing and Remote Access service on the SBS server
and
>> run PPTPSRV. On the VPN client, run PPTPCLNT. We can use the PPTP Ping
tool
>> included in Windows XP Support tools to check whether the ports are
opened
>> to allow VPN connection. You can find Windows XP support tool from the
>> "Support\Tools" folder in the Windows XP CD.
>>
>> a) Get two utilities pptpsrv.exe and pptpclnt.exe from the Windows XP
>> support tools.
>>
>> b) Run the pptpsrv.exe utility on the SBS server.
>>
>> c) Run the pptpclnt.exe utility on the problem Windows XP
>> Professional-based computer. I assume that the IP address of the VPN
server
>> is 202.123.123.1, you need to run the command "pptpclnt 202.123.123.1".
>>
>> d) Input a string to perform a test.
>>
>> Both utilities can check if the TCP 1723 is opened on all devices from
>> computer A and computer B. They can also check if GRE Protocol 47 can be
>> transferred from the computer A and computer B.
>>
>> More information:
>>
>> 888201 You receive an "Error 721" error message when you try to
establish a
>> VPN
>> http://support.microsoft.com/?id=888201
>>
>> 3. If you directly connect a workstation to the external NIC, manually
>> configure the IP address of workstation (make sure that the workstation
IP
>> and the server external IP are in the same subnet) and then manually
create
>> a VPN dial entry. Can you establish the VPN session?
>>
>> 4. If the issue persists, please re-run the CEICW to configure the
>> internet connections and run the Remote Access wizard to enable the VPN
>> server?
>>
>> More info:
>> 825763 How to configure Internet access in Windows Small Business Server
>> 2003
>> http://support.microsoft.com/?id=825763
>>
>> 5. In addition, you may try to upgrade the firmware of the router to
see
>> if the problem will be resolved.
>>
>> I am appreciated your time and cooperation. If anything is unclear,
please
>> feel free to let me know. I am looking forward to hearing from you.
>>
>> Best regards,
>>
>> Nathan Liu (MSFT)
>> Microsoft CSS Online Newsgroup Support
>>
>> Get Secure! - www.microsoft.com/security
>> ======================================================
>> This newsgroup only focuses on SBS technical issues. If you have issues
>> regarding other Microsoft products, you'd better post in the
corresponding
>> newsgroups so that they can be resolved in an efficient and timely
manner.
>> You can locate the newsgroup here:
>> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>>
>> When opening a new thread via the web interface, we recommend you check
the
>> "Notify me of replies" box to receive e-mail notifications when there
are
>> any updates in your thread. When responding to posts via your
newsreader,
>> please "Reply to Group" so that others may learn and benefit from your
>> issue.
>>
>> Microsoft engineers can only focus on one issue per thread. Although we
>> provide other information for your reference, we recommend you post
>> different incidents in different threads to keep the thread clean. In
doing
>> so, it will ensure your issues are resolved in a timely manner.
>>
>> For urgent issues, you may want to contact Microsoft CSS directly.
Please
>> check http://support.microsoft.com for regional support phone numbers.
>>
>> Any input or comments in this thread are highly appreciated.
>> ======================================================
>> This posting is provided "AS IS" with no warranties, and confers no
rights.
>>
>> --------------------
>> >Thread-Topic: VPN Connection Problem
>> >thread-index: AcWng7kcxCnuae3ZQxCZxnfh8erLUw==
>> >X-WBNR-Posting-Host: 209.181.6.73
>> >From: =?Utf-8?B?QnJ5b24gVmFzc2Vu?=
<BryonVassen@xxxxxxxxxxxxxxxxxxxxxxxxx>
>> >Subject: VPN Connection Problem
>> >Date: Mon, 22 Aug 2005 18:41:03 -0700
>> >Lines: 25
>> >Message-ID: <1B30173E-B546-475D-BA2B-837F772E0D27@xxxxxxxxxxxxx>
>> >MIME-Version: 1.0
>> >Content-Type: text/plain;
>> > charset="Utf-8"
>> >Content-Transfer-Encoding: 7bit
>> >X-Newsreader: Microsoft CDO for Windows 2000
>> >Content-Class: urn:content-classes:message
>> >Importance: normal
>> >Priority: normal
>> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>> >Newsgroups: microsoft.public.windows.server.sbs
>> >NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>> >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>> >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:146836
>> >X-Tomcat-NG: microsoft.public.windows.server.sbs
>> >
>> >I am having a problem with my VPN connection's. At first I thought I
was
>> >having two separate problems but the more I try to figure this out the
>> more I
>> >think they are linked. The first problem is when outside my network
when
>> I
>> >try to create a VPN connection I keep getting error 721. I have port
1723
>> >open and router is capable of PPTP passthrough. I was able to make VPN
>> >connection from outside my network awhile ago but then it all of a
sudden
>> >quit. I am able to make a VPN connection from inside the LAN. The
only
>> >changes that have been made to SBS 2003 are updates.
>> >
>> >The second problem is also a VPN problem that I think is linked to the
>> first
>> >one. I use Cisco VPN Client to connect to one of my clients and once
the
>> >connection is made I connect to a SQL server. I can make the VPN
>> connection
>> >just fine but for some reason when I am inside my network I am unable
to
>> make
>> >the connection to the SQL server. When I move a computer outside the
LAN
>> to
>> >the router between my DSL modem and SBS box I am able to make the VPN
>> >connection and connect to the SQL server. This leads me to beleive the
>> >problem is within the SBS server.
>> >
>> >Here is my setup:
>> >SBS 2003 Standard with two nics
>> >Server is acting as router for LAN
>> >DSL Modem>Router>SBS2003>Switch>Workstations
>> >
>> >Any help would be greatly appreciated as I have been trying to figure
this
>> >out for over a week.
>> >
>>
>>
>
.
- Follow-Ups:
- RE: VPN Connection Problem
- From: Bryon Vassen
- RE: VPN Connection Problem
- References:
- VPN Connection Problem
- From: Bryon Vassen
- RE: VPN Connection Problem
- From: "Nathan Liu [MSFT]"
- RE: VPN Connection Problem
- From: Bryon Vassen
- VPN Connection Problem
- Prev by Date: Re: NT4
- Next by Date: RE: I have the same problem!!!!!
- Previous by thread: RE: VPN Connection Problem
- Next by thread: RE: VPN Connection Problem
- Index(es):
Relevant Pages
|
Loading
