VPN - can not connect to L2TP port

All,
I am having connection problem with my VPN and client boxes. Here is the
scenerio. WIndows 2003 RAS is installed with one NIC, configured with
private address. This VPN server is on DMZ. We have netscreen firewall and
the all the post need to make connection are opened. There are 3 remote
access policies 1. Allow VPN Connection. 2. Connection to MS RRAS and 3.
Connection to other access server. Policies are configured to use
certificate for authentication. Same the client is configured(EAP).
Only L2TP ports are opened. certificate is installed on both client and
server from private CA. RRAS server is configured in Router and VPN mode.
If I configured PPTP for connection, I am able to connect from internet but
I am not able to connect through internet using L2TP. The error came on
client machine "error 678: remote server did not responding"
I am not sure what went wrong. Is there anything I am missing?
Please help me out on this problem. Thanks to all.

--
Shah
MCSE, MCSA

It sounds like you lack the allowance for GRE (protocol 47) on your
firewall.

--
----------------------------------------------------------------------------------------------------------------------------
Johan Engdahl
CCSA, CCSE, CCA, MCP | johan AT firewall1 DOT nu | http://www.firewall1.nu

"Rahisuddin Shah" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> All,
> I am having connection problem with my VPN and client boxes. Here is the
> scenerio. WIndows 2003 RAS is installed with one NIC, configured with
> private address. This VPN server is on DMZ. We have netscreen firewall and
> the all the post need to make connection are opened. There are 3 remote
> access policies 1. Allow VPN Connection. 2. Connection to MS RRAS and 3.
> Connection to other access server. Policies are configured to use
> certificate for authentication. Same the client is configured(EAP).
> Only L2TP ports are opened. certificate is installed on both client and
> server from private CA. RRAS server is configured in Router and VPN mode.
> If I configured PPTP for connection, I am able to connect from internet
> but I am not able to connect through internet using L2TP. The error came
> on client machine "error 678: remote server did not responding"
> I am not sure what went wrong. Is there anything I am missing?
> Please help me out on this problem. Thanks to all.
>
> --
> Shah
> MCSE, MCSA
>

GRE is used by PPTP and has nothing to do with L2TP.

--
Regards,
Andrei Ungureanu
www.eventid.net
Test our new EventReader!
http://www.altairtech.ca/eventreader...lt2.asp?ref=au

"Johan Engdahl" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> It sounds like you lack the allowance for GRE (protocol 47) on your
> firewall.
>
> --
> ----------------------------------------------------------------------------------------------------------------------------
> Johan Engdahl
> CCSA, CCSE, CCA, MCP | johan AT firewall1 DOT nu | http://www.firewall1.nu
>
> "Rahisuddin Shah" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> All,
>> I am having connection problem with my VPN and client boxes. Here is the
>> scenerio. WIndows 2003 RAS is installed with one NIC, configured with
>> private address. This VPN server is on DMZ. We have netscreen firewall
>> and the all the post need to make connection are opened. There are 3
>> remote access policies 1. Allow VPN Connection. 2. Connection to MS RRAS
>> and 3. Connection to other access server. Policies are configured to use
>> certificate for authentication. Same the client is configured(EAP).
>> Only L2TP ports are opened. certificate is installed on both client and
>> server from private CA. RRAS server is configured in Router and VPN mode.
>> If I configured PPTP for connection, I am able to connect from internet
>> but I am not able to connect through internet using L2TP. The error came
>> on client machine "error 678: remote server did not responding"
>> I am not sure what went wrong. Is there anything I am missing?
>> Please help me out on this problem. Thanks to all.
>>
>> --
>> Shah
>> MCSE, MCSA
>>
>
>