Re: VPN Error 733, Event Log Error 20050 with SBS 2003
- From: "Nick Marks" <youngerpants@xxxxxxxxx>
- Date: 12 Nov 2006 11:05:39 -0800
Thanks for getting back to me Joe
I've run through your suggestions; I checked in RRAS ports and I've got
all 5 miniports, so no problem there, however, when I look in my DHCP
leases can only see the LAN clients. I assume I have no entries for RAS
because no VPN clients have ever got as far as being assigned an
address. Also, I'm trying to assign client addresses from a static pool
outside the DHCP range (my pool is from x.x.x.40-49 and my DHCP range
is x.x.x.50-254)
I've also looked at your pointers for enabling all authentication
methods. As suggested I've enabled all authentication and encryption
methods on both the server and client. Still no cigar, same error
messages
For the record, I'm sure the problem isnt with routing; I cant
establich a PPTP connection when I'm on the same LAN as the server.
Also, when I tested with pptpsvr/pptpclnt the server received the
message from the client (but the client never received a message back
from the server)
Any other ideas?
Joe wrote:
Nick Marks wrote:
Hi,
I'm afraid that this is somewhat of a repost as my previous posting did
not result in a fix for my problem. Any assistance would be greatly
appreciated; this problems a couple of weeks old now...
I have a Windows SBS 2003 sat on my network with an internal address
with port 1723 NAT'ed to our external static ip address on the router.
Likewise GRE is forwarding on the router, a Zyxel Prestige 660R-61C
(although I have previously tied using a Cisco 877)
I have run through the remote access wizard in order to enable VPN
access however whenever clients try to connect, the connection "seems"
to start working (Verifing Username/ Password, Registering your
computer on the network) then stops with "TCP/ IP CP reported error
733. The connection to the remote computer could not be completed. You
may need to adjust the protocols on this computer..."
I don't recall the previous post, but we see quite a few about VPN.
If you get to 'Verifying..' that generally means the TCP/IP port 1723
traffic is working, and there is no network address clash. 733 is
usually about PPP trouble i.e. the point-to-point tunnel which is
set up to carry the encrypted traffic.
Quick check: in the RRAS management console, have a look in Ports
for at least one WAN Miniport (PPTP) (VPN...) entry. There are five
enabled by default, but it's possible they have been removed previously.
Also check in DHCP->Scope->Address Leases that there are at least two
addresses assigned to RAS, it needs two per PPTP connection.
The other likely issue is that client and server have no common
encryption and authentication protocols. Usually both ends have a
range of these, and they negotiate the best possible security. To
at least get the system working, you can enable everything, and
disable them once you have some kind of connection. Look in RRAS
manager->Remote Access Policies->Small Business..., Edit Profiles
for the Mobile Users group, which should be the only entry.
Typical Authentication entries are the two MS-CHAP protocols, and
in Encryption, everything except None. If you only have remote XP
clients, you can probably disable all but the strongest encryption.
Have a look around this dialogue box, there are all kinds of things
which can stop VPN working, all disabled by default but which may
have previously been altered.
I have re-run through setting up Routing and Remote Access, and have
assigned a pool of addresses for VPN connections outside of the servers
DHCP range as per the advice on www.chicagotech.net but this does not
seem to have
fixed the problem.
In my event log I get Remote Access Error 20050, the user connected to
the porthas been disconnected because no network protocols were
sucessfully negotiated.
I have enabled logging in Routing and Remote Access to see if
this will shed any light on the matter, the following is what is logged
when I try to connect... I've masked the external IP details.
I've never had much success with these logs, though perhaps someone else
may make sense of it.
Are you able to try VPN from a laptop connected to the LAN? When that
works, try the same machine from outside. It's so much easier to sort
out protocol issues if you can get to both ends, and once VPN works
from the LAN, you know that any further problems are firewall or
remote network address issues.
.
- Follow-Ups:
- References:
- VPN Error 733, Event Log Error 20050 with SBS 2003
- From: Nick Marks
- Re: VPN Error 733, Event Log Error 20050 with SBS 2003
- From: Joe
- VPN Error 733, Event Log Error 20050 with SBS 2003
- Prev by Date: Re: Super strange Networking issue. (Careful, its a long story)
- Next by Date: Re: Trying to work out what vesion of Server I have
- Previous by thread: Re: VPN Error 733, Event Log Error 20050 with SBS 2003
- Next by thread: Re: VPN Error 733, Event Log Error 20050 with SBS 2003
- Index(es):
Relevant Pages
|
