Cannot access VPN through Win 2003 NAT server

I'm having trouble connecting to a Linksys BEFVP41 VPN router at work.
If I connect directly to the Internet (I use dial-up) with my laptop
(XP Pro SP2), I can connect to the VPN with no problems. If I use my
server (Windows 2003 Std) as a router to go onto the Internet, if I
ping the VPN all I get is "Negotiating IP Security". I've tried
opening ports on the Remote Router under Routing and Remote Access (I
opened ports 500, 4500, 1701, 1723, 50) with no success. With opening
up these ports, I am supposed to enter in my laptop's ip into the
private address, correct? Also, with the NAT, do you have to be logged
in to the domain for the NAT services to operate correctly?

Thanks

Chris S.

We need more information to help. Which type port (UDP, TCP or IP) do you open for 500, 4500, 1701, 1723, 50? Any errors in the log and event viewer? also you may want to use IP security monitor to troubleshoot it. This search result may help,

IPSec Audit Policy: To troubleshoot IPSec when it does not behave the way that you expect it to, first check the results of the Phase One and Phase Two exchanges ...
www.chicagotech.net/ipsec.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
<(E-Mail Removed)> wrote in message news:(E-Mail Removed) ups.com...
I'm having trouble connecting to a Linksys BEFVP41 VPN router at work.
If I connect directly to the Internet (I use dial-up) with my laptop
(XP Pro SP2), I can connect to the VPN with no problems. If I use my
server (Windows 2003 Std) as a router to go onto the Internet, if I
ping the VPN all I get is "Negotiating IP Security". I've tried
opening ports on the Remote Router under Routing and Remote Access (I
opened ports 500, 4500, 1701, 1723, 50) with no success. With opening
up these ports, I am supposed to enter in my laptop's ip into the
private address, correct? Also, with the NAT, do you have to be logged
in to the domain for the NAT services to operate correctly?

Thanks

Chris S.

Robert L [MS-MVP] wrote:
> We need more information to help. Which type port (UDP, TCP or IP) do you open for 500, 4500, 1701, 1723, 50? Any errors in the log and event viewer? also you may want to use IP security monitor to troubleshoot it. This search result may help,
>
> IPSec Audit Policy: To troubleshoot IPSec when it does not behave the way that you expect it to, first check the results of the Phase One and Phase Two exchanges ...
> www.chicagotech.net/ipsec.htm
>
>
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com

I've tried looking at the site, but really couldn't find what I was
looking for (although I may not know what I'm looking for). Ports 500,
4500 and 1701 are UDP, 1723 is TCP and none of these be changed. Port
50 is UDP, can be changed to TCP if needed. I'm not seeing any errors
in event viewer.

IP security monitor and log should have some errors.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
<(E-Mail Removed)> wrote in message news:(E-Mail Removed) oups.com...

Robert L [MS-MVP] wrote:
> We need more information to help. Which type port (UDP, TCP or IP) do you open for 500, 4500, 1701, 1723, 50? Any errors in the log and event viewer? also you may want to use IP security monitor to troubleshoot it. This search result may help,
>
> IPSec Audit Policy: To troubleshoot IPSec when it does not behave the way that you expect it to, first check the results of the Phase One and Phase Two exchanges ...
> www.chicagotech.net/ipsec.htm
>
>
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com

I've tried looking at the site, but really couldn't find what I was
looking for (although I may not know what I'm looking for). Ports 500,
4500 and 1701 are UDP, 1723 is TCP and none of these be changed. Port
50 is UDP, can be changed to TCP if needed. I'm not seeing any errors
in event viewer.

Robert L [MS-MVP] wrote:
> IP security monitor and log should have some errors.
>
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
> <(E-Mail Removed)> wrote in message news:(E-Mail Removed) oups.com...
>
> Robert L [MS-MVP] wrote:
> > We need more information to help. Which type port (UDP, TCP or IP) do you open for 500, 4500, 1701, 1723, 50? Any errors in the log and event viewer? also you may want to use IP security monitor to troubleshoot it. This search result may help,
> >
> > IPSec Audit Policy: To troubleshoot IPSec when it does not behave the way that you expect it to, first check the results of the Phase One and Phase Two exchanges ...
> > www.chicagotech.net/ipsec.htm
> >
> >
> > Bob Lin, MS-MVP, MCSE & CNE
> > Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
> > How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com

OK, well I've set up a logging agent on the VPN side of the network to
see if it logs any errors. I've looked at the IPSec Monitor, but I
don't know what I'm looking for. I'm going to college for Computer
Networking, but I haven't started the class yet, and I'm pretty sure we
won't be getting into this for a few semesters.