Re: VPN Client
- From: "Adam Hudson" <abmhudson@xxxxxxxxxxx>
- Date: Fri, 10 Feb 2006 11:40:19 +1100
Hi Crina
Thanks for the advice. The only thing I am not sure of is if you have 3
different users connected from the same site into the same remote SBS, on
the router you need to open Port 1723 and most Netgear Routers ask you to
point that port to a particular local IP Address. If you opened port 1723
and have 3 rules saying if something uses Port 1723 to point it to the 3
local IP Addresses (eg 192.168.0.2 & 192.168.0.3 & 192.168.0.4) will it
work? I thought you could only point each port number to 1 local computer
and not to 3? I may be wrong.
The other thing I am worried about is the VPN taking over the uplink in the
ADSL connection. The connection we have is a 1500/256K connection on both
ends. Are you able to limit this to only using 50% of the available uplink?
I had a problem with this as I remote desktop'd into my PC at home and setup
the VPN. When I clicked on the VPN and it connected, I lost my connection
with Remote Desktop as I believe the VPN took over the uplink side of my DSL
connection and therefore I lost my Remote Desktop connection.
Any help on the above issues would be very helpful.
Thanks in advance.
Adam
""Crina Li"" <v-crinal@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:TfYIwgULGHA.3052@xxxxxxxxxxxxxxxxxxxxxxxx
Hi Adam,
Thanks for your reply.
To allow VPN, you actually need to open outbound 1723 port on remote
client
computers. For the issue of simultaneous VPN, you can VPN to SBS at the
same time from 3 different remote client computers on the same location
because the 3 computers VPN to SBS using different source port and then
created connection with SBS and they also have a unique Call ID for the
connection.
The default maximum connection number is 5. You can increase the number.
Open Routing and Remote Access console, navigate to ports snap-in.
Right-click it and choose 'Properties'. Double-click WAN Miniport (PPTP).
Change the maximum port number to 10. Click 'OK' to close the dialog
boxes.
After doing this, restart the RRAS.
Hope it helps and I look forward to hearing from you.
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check
the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In
doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no
rights.
--------------------
| From: "Adam Hudson" <abmhudson@xxxxxxxxxxx>
| References: <ubvYuSBLGHA.2704@xxxxxxxxxxxxxxxxxxxx>
<Xq#bdZHLGHA.608@xxxxxxxxxxxxxxxxxxxxx>
<eiHIfRRLGHA.1028@xxxxxxxxxxxxxxxxxxxx>
<hi09FsRLGHA.608@xxxxxxxxxxxxxxxxxxxxx>
| Subject: Re: VPN Client
| Date: Thu, 9 Feb 2006 13:47:38 +1100
| Lines: 257
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
| X-RFC2646: Format=Flowed; Original
| Message-ID: <exLNzMSLGHA.3424@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: adsl-32-17.swiftdsl.com.au 218.214.32.17
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:243169
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi Crina
|
| Thanks for your help. I spoke to Netgear who advised me that GRE
Protocol
is
| enabled. I worked out that you had to have Port 1723 open on both ends
and
| not just the server side. Once I opened Port 1723 on the external
computer
| it allowed the VPN connection to work.
|
| I am wondering as I have not tried this as yet, if you want to have 3
staff
| situated in an interstate office all VPN in at one time, can this
happen?
| They will all be VPNing from the same Internet connection. I dont think
will
| work as you need to tell the router which local IP Address to send Port
1723
| to and I dont think you can tell it 3 different IP Address for Port 1723
but
| I may be wrong.
|
| Regards
|
| Adam
|
| ""Crina Li"" <v-crinal@xxxxxxxxxxxxxxxxxxxx> wrote in message
| news:hi09FsRLGHA.608@xxxxxxxxxxxxxxxxxxxxxxxx
| > Hi Adam,
| >
| > Thanks for your update.
| >
| > As I know, to enable GRE Protocol 47 is based on the router. Some
router
| > has no such function. For detailed configuration, you may need to
contact
| > the hardware vendor.
| >
| > Also I provide the following KB articles for your reference:
| >
| > 241251 VPN Tunnels - GRE Protocol 47 Packet Description and Use
| > http://support.microsoft.com/default.aspx?scid=kb;EN-US;241251
| >
| > 241252 VPN Tunnels - PPTP Protocol Packet Description and Use
| > http://support.microsoft.com/default.aspx?scid=kb;EN-US;241252
| >
| > 888201 You receive an "Error 721" error message when you try to
establish
| > a
| > VPN connection through your Windows Server-based remote access server
| > http://support.microsoft.com/default.aspx?scid=kb;EN-US;888201
| >
| > Thanks for your time and I look forward to hearing from you.
| >
| > Best regards,
| >
| > Crina Li (MSFT)
| >
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > =====================================================
| > This newsgroup only focuses on SBS technical issues. If you have
issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you
check
| > the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although
we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
| > doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| >
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| > rights.
| > --------------------
| > | From: "Adam Hudson" <abmhudson@xxxxxxxxxxx>
| > | References: <ubvYuSBLGHA.2704@xxxxxxxxxxxxxxxxxxxx>
| > <Xq#bdZHLGHA.608@xxxxxxxxxxxxxxxxxxxxx>
| > | Subject: Re: VPN Client
| > | Date: Thu, 9 Feb 2006 12:01:29 +1100
| > | | Newsgroups: microsoft.public.windows.server.sbs
| > | |
| > | How so you enable IP Protocol 47? I have forwarded port 1723 to the
| > server
| > | through the modem but still cant work out where to configure IP
Protocl
| > 47..
| > |
| > |
| > | ""Crina Li"" <v-crinal@xxxxxxxxxxxxxxxxxxxx> wrote in message
| > | news:Xq%23bdZHLGHA.608@xxxxxxxxxxxxxxxxxxxxxxxx
| > | > Hi Robert,
| > | >
| > | > Thank you for posting in SBS newsgroup.
| > | >
| > | > From your description, my understanding on this issue is: you
cannot
| > | > establish the VPN connection to the SBS server by using the
| > 'Connection
| > | > Manager' from external clients. If I have misunderstood your
concern,
| > | > please do not hesitate to let me know.
| > | >
| > | > Would you please help me confirm if you have followed the steps
below
| > to
| > | > configure VPN access on an SBS environment?
| > | >
| > | > 1. Run CEICW, follow the wizard and select Enable firewall and
then
| > make
| > | > sure Virtual Private Networking (VPN) is selected in the Services
| > | > Configuration page. And make sure you have typed the public FQDN
of
| > the
| > | > SBS
| > | > server on the Web Server Certificate page.
| > | > 2. Run Remote Access Wizard in Server Management\Internet and
| > | > E-mail\Configure Remote Access, and select VPN access in the
Remote
| > Access
| > | > Method page. After finishing this wizard, RRAS is configured to
allow
| > | > inbound VPN access, and it can assign IP addresses to the VPN
clients
| > by
| > | > using DHCP.
| > | >
| > | > Note: When we run the remote access wizard to set up the VPN
service,
| > we
| > | > need to input the public IP address or the public FQDN of the SBS
| > server.
| > | > We need to make sure that the address can be accessed from the
| > internet.
| > | >
| > | > 3. On the VPN client, go to https://publicFQDN/remote, clear I'm
using
| > a
| > | > public or shared computer, log in and download Connection Manager.
| > | > 4. Install Connection Manager on the VPN client.
| > | > 5. Is there a hardware router installed in front of the SBS
server?
If
| > so,
| > | > ensure that the port forwarding for TCP 1723 and GRE port
(protocol
| > number
| > | > 47) are opened. PPTP VPN is negotiating a connection on TCP port
1723
| > and
| > | > send data to and from the PPTP server using the GRE protocol (IP
| > Protocol
| > | > 47, 0x2F if you are looking in Network Monitor). You should open
port
| > 1723
| > | > on the router and also make sure IP Protocol 47 is allowed.
| > | >
| > | > For detailed information, you can refer to the following KB
articles:
| > | >
| > | > 323381 How to Allow Remote Users to Access Your Network in Windows
| > Server
| > | > 2003
| > | > http://support.microsoft.com/?id=323381
| > | >
| > | > 323441 How To Install and Configure a Virtual Private Network
Server
| > in
| > | > Windows
| > | > http://support.microsoft.com/?id=323441
| > | >
| > | > If you still cannot establish the VPN connection, please help me
to
| > | > collect
| > | > the following information for troubleshooting the problem:
| > | >
| > | > 1. What's the VPN server name you entered when you ran the Remote
| > Access
| > | > Wizard? Can you ping that name from the external client? The VPN
| > server
| > | > name should be the public FQDN or the public IP address of the SBS
| > server.
| > | > 2. Can you create VPN to SBS through new connection wizard on My
| > Network
| > | > Places on external client?
| > | > 3. Get the IPCONFIG /ALL results when Creating VPN on client
computer
| > and
| > | > SBS.
| > | > 4. Can you ping the server name and IP from the problematic
client?
| > | > 5. Would you please post a screen shot to newsgroup?
| > | >
| > | > I am appreciated your time and I look forward to hearing from you.
| > | >
| > | > Best regards,
| > | >
| > | > Crina Li (MSFT)
| > | >
| > | > Microsoft CSS Online Newsgroup Support
| > | >
| > | > Get Secure! - www.microsoft.com/security
| > | >
| > | > =====================================================
| > | > This newsgroup only focuses on SBS technical issues. If you have
| > issues
| > | > regarding other Microsoft products, you'd better post in the
| > corresponding
| > | > newsgroups so that they can be resolved in an efficient and timely
| > manner.
| > | > You can locate the newsgroup here:
| > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| > | >
| > | > When opening a new thread via the web interface, we recommend you
| > check
| > | > the
| > | > "Notify me of replies" box to receive e-mail notifications when
there
| > are
| > | > any updates in your thread. When responding to posts via your
| > newsreader,
| > | > please "Reply to Group" so that others may learn and benefit from
your
| > | > issue.
| > | >
| > | > Microsoft engineers can only focus on one issue per thread.
Although
| > we
| > | > provide other information for your reference, we recommend you
post
| > | > different incidents in different threads to keep the thread clean.
In
| > | > doing
| > | > so, it will ensure your issues are resolved in a timely manner.
| > | >
| > | > For urgent issues, you may want to contact Microsoft CSS directly.
| > Please
| > | > check http://support.microsoft.com for regional support phone
numbers.
| > | >
| > | > Any input or comments in this thread are highly appreciated.
| > | >
| > | > =====================================================
| > | >
| > | > This posting is provided "AS IS" with no warranties, and confers
no
| > | > rights.
| > | > --------------------
| > | > | From: "Robert Craig" <craigrobert@xxxxxxx>
| > | > | Subject: VPN Client
| > | > | Date: Tue, 7 Feb 2006 10:31:05 -0800
| > | > | | Newsgroups: microsoft.public.windows.server.sbs
| > | > | |
| > | > | I'd say about 9 out of 10 tries to VPN to my server from another
| > | > location
| > | > | fails. The connection just sits at verifying username and
password
| > and
| > | > | eventually gives up. Sometimes the error is the remote computer
did
| > not
| > | > | respond, the other is the server and client could not agree on a
| > PPTP
| > | > | connection. What could be wrong?
| > | > |
| > | > | Using SBS2003
| > | > |
| > | > | Thanks!
| > | > |
| > | > | Robert
| > | > |
| > | > |
| > | > |
| > | >
| > |
| > |
| > |
| >
|
|
|
.
- Follow-Ups:
- Re: VPN Client
- From: "Crina Li"
- Re: VPN Client
- References:
- VPN Client
- From: Robert Craig
- RE: VPN Client
- From: "Crina Li"
- Re: VPN Client
- From: Adam Hudson
- Re: VPN Client
- From: "Crina Li"
- Re: VPN Client
- From: Adam Hudson
- Re: VPN Client
- From: "Crina Li"
- VPN Client
- Prev by Date: RE: An inconsistency was encountered on the requested media
- Next by Date: Re: POP 3 doesn't like external email domains
- Previous by thread: Re: VPN Client
- Next by thread: Re: VPN Client
- Index(es):
Relevant Pages
|
Loading
