VPN setup with static IP. How?

I have W2K server connected to internet over DSL. The ISP has provided
68.236.x.y static address. I have configured this all as per
http://www.smallbizserver.net/Default.aspx?tabid=52 (but without a ISA
server). All is fine.

I want to connect my home Laptop to this server over VPN/internet to share
the resources by "Map network drive" option. My home computer is an XP and
connects internet via a cable modem. I can ping my server's IP address. But
unable to connect to it over VPN client setup.

I have perfomed the same test successfully with my Laptop in the office and
the VPN server address is set to local 192.168.10.z I guess, the static IP on
the Linksys router is not passing the traffic to Servers' Internal NIC? Any
suggestions how to resolve this?

you may need open the ports on the router. quoted from
http://www.howtonetworking.com/vpnsetup.htm
Which ports need to be opened for running VPN

A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port 1701;
IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a protocol
number and not TCP port. The protocol name is GRE. It'll make a big
difference when configuring your firewall or router.

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, Remote Access on
http://www.HowToNetworking.com
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.
"Galop" <(E-Mail Removed)> wrote in message
news:0B35BC5E-67D7-4CFA-B251-(E-Mail Removed)...
>I have W2K server connected to internet over DSL. The ISP has provided
> 68.236.x.y static address. I have configured this all as per
> http://www.smallbizserver.net/Default.aspx?tabid=52 (but without a ISA
> server). All is fine.
>
> I want to connect my home Laptop to this server over VPN/internet to share
> the resources by "Map network drive" option. My home computer is an XP and
> connects internet via a cable modem. I can ping my server's IP address.
> But
> unable to connect to it over VPN client setup.
>
> I have perfomed the same test successfully with my Laptop in the office
> and
> the VPN server address is set to local 192.168.10.z I guess, the static IP
> on
> the Linksys router is not passing the traffic to Servers' Internal NIC?
> Any
> suggestions how to resolve this?

Robert,

I could not locate a solution for my issue on the link provided by you.

The error I get, when trying to VPN connection is:

"Error800: Unable to establish the VPN connection. The VPN server may be
unreachable, or security parameters may not be configured properly for this
connection".

I get error if I provide my VPN server address is 68.236.x.y (static IP,
configured on the router). I can ping to this ip successfully.

I donot get any error if I provide my VPN server address as 192.168.16.2 OR
192.168.1.10 (Two Nic cards of my server).

"Robert L [MS-MVP]" wrote:

> you may need open the ports on the router. quoted from
> http://www.howtonetworking.com/vpnsetup.htm
> Which ports need to be opened for running VPN
>
> A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port 1701;
> IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a protocol
> number and not TCP port. The protocol name is GRE. It'll make a big
> difference when configuring your firewall or router.
>
> Don't send e-mail or reply to me except you need consulting services.
> Posting on MS newsgroup will benefit all readers and you may get more help.
>
> Bob Lin, MS-MVP, MCSE & CNE
> How to Setup Windows, Network, Remote Access on
> http://www.HowToNetworking.com
> Networking, Internet, Routing, VPN Troubleshooting on
> http://www.ChicagoTech.net
> This posting is provided "AS IS" with no warranties.
> "Galop" <(E-Mail Removed)> wrote in message
> news:0B35BC5E-67D7-4CFA-B251-(E-Mail Removed)...
> >I have W2K server connected to internet over DSL. The ISP has provided
> > 68.236.x.y static address. I have configured this all as per
> > http://www.smallbizserver.net/Default.aspx?tabid=52 (but without a ISA
> > server). All is fine.
> >
> > I want to connect my home Laptop to this server over VPN/internet to share
> > the resources by "Map network drive" option. My home computer is an XP and
> > connects internet via a cable modem. I can ping my server's IP address.
> > But
> > unable to connect to it over VPN client setup.
> >
> > I have perfomed the same test successfully with my Laptop in the office
> > and
> > the VPN server address is set to local 192.168.10.z I guess, the static IP
> > on
> > the Linksys router is not passing the traffic to Servers' Internal NIC?
> > Any
> > suggestions how to resolve this?
>
>
>

You say that your server has two NICs, both with private IP addresses.
What device has the public IP?

From your home machine, you can only connect to a public IP through the
Internet. To make a VPN connection to a device with a private IP, you must
forward the required port (tcp port 1723 for pptp) from the device with the
public IP to your RRAS server's private IP. The client reaches the public IP
through the Internet, and port forwarding extends the link to the machine on
the private LAN.

"Galop" <(E-Mail Removed)> wrote in message
news:4E6940BB-1049-42AA-AAD7-(E-Mail Removed)...
> Robert,
>
> I could not locate a solution for my issue on the link provided by you.
>
> The error I get, when trying to VPN connection is:
>
> "Error800: Unable to establish the VPN connection. The VPN server may be
> unreachable, or security parameters may not be configured properly for
> this
> connection".
>
> I get error if I provide my VPN server address is 68.236.x.y (static IP,
> configured on the router). I can ping to this ip successfully.
>
> I donot get any error if I provide my VPN server address as 192.168.16.2
> OR
> 192.168.1.10 (Two Nic cards of my server).
>
> "Robert L [MS-MVP]" wrote:
>
>> you may need open the ports on the router. quoted from
>> http://www.howtonetworking.com/vpnsetup.htm
>> Which ports need to be opened for running VPN
>>
>> A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port
>> 1701;
>> IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a protocol
>> number and not TCP port. The protocol name is GRE. It'll make a big
>> difference when configuring your firewall or router.
>>
>> Don't send e-mail or reply to me except you need consulting services.
>> Posting on MS newsgroup will benefit all readers and you may get more
>> help.
>>
>> Bob Lin, MS-MVP, MCSE & CNE
>> How to Setup Windows, Network, Remote Access on
>> http://www.HowToNetworking.com
>> Networking, Internet, Routing, VPN Troubleshooting on
>> http://www.ChicagoTech.net
>> This posting is provided "AS IS" with no warranties.
>> "Galop" <(E-Mail Removed)> wrote in message
>> news:0B35BC5E-67D7-4CFA-B251-(E-Mail Removed)...
>> >I have W2K server connected to internet over DSL. The ISP has provided
>> > 68.236.x.y static address. I have configured this all as per
>> > http://www.smallbizserver.net/Default.aspx?tabid=52 (but without a ISA
>> > server). All is fine.
>> >
>> > I want to connect my home Laptop to this server over VPN/internet to
>> > share
>> > the resources by "Map network drive" option. My home computer is an XP
>> > and
>> > connects internet via a cable modem. I can ping my server's IP address.
>> > But
>> > unable to connect to it over VPN client setup.
>> >
>> > I have perfomed the same test successfully with my Laptop in the office
>> > and
>> > the VPN server address is set to local 192.168.10.z I guess, the static
>> > IP
>> > on
>> > the Linksys router is not passing the traffic to Servers' Internal NIC?
>> > Any
>> > suggestions how to resolve this?
>>
>>
>>

Very succinctly put Bill!

tjh

I think something is mis understood. It is like this.

W2K server with two nics. 192.168.16.2 is internal LAN and 192.168.1.10 is
for external WAN. this external nic is connected to LinkSys router and the
WAN port of this rouetr is connected to DSL modem's RJ45. DSL modem connects
to ISP. The ISP has allocated us a static IP 68.236.x.y which is configured
on the WAN port of the LinkSys router.

After reading Robert's input, I have also opened the ports 1723, 50, 51 for
TCP and 1701, 500 for UDP. Still I get the same error.

"Bill Grant" wrote:

> You say that your server has two NICs, both with private IP addresses.
> What device has the public IP?
>
> From your home machine, you can only connect to a public IP through the
> Internet. To make a VPN connection to a device with a private IP, you must
> forward the required port (tcp port 1723 for pptp) from the device with the
> public IP to your RRAS server's private IP. The client reaches the public IP
> through the Internet, and port forwarding extends the link to the machine on
> the private LAN.
>
> "Galop" <(E-Mail Removed)> wrote in message
> news:4E6940BB-1049-42AA-AAD7-(E-Mail Removed)...
> > Robert,
> >
> > I could not locate a solution for my issue on the link provided by you.
> >
> > The error I get, when trying to VPN connection is:
> >
> > "Error800: Unable to establish the VPN connection. The VPN server may be
> > unreachable, or security parameters may not be configured properly for
> > this
> > connection".
> >
> > I get error if I provide my VPN server address is 68.236.x.y (static IP,
> > configured on the router). I can ping to this ip successfully.
> >
> > I donot get any error if I provide my VPN server address as 192.168.16.2
> > OR
> > 192.168.1.10 (Two Nic cards of my server).
> >
> > "Robert L [MS-MVP]" wrote:
> >
> >> you may need open the ports on the router. quoted from
> >> http://www.howtonetworking.com/vpnsetup.htm
> >> Which ports need to be opened for running VPN
> >>
> >> A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port
> >> 1701;
> >> IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a protocol
> >> number and not TCP port. The protocol name is GRE. It'll make a big
> >> difference when configuring your firewall or router.
> >>
> >> Don't send e-mail or reply to me except you need consulting services.
> >> Posting on MS newsgroup will benefit all readers and you may get more
> >> help.
> >>
> >> Bob Lin, MS-MVP, MCSE & CNE
> >> How to Setup Windows, Network, Remote Access on
> >> http://www.HowToNetworking.com
> >> Networking, Internet, Routing, VPN Troubleshooting on
> >> http://www.ChicagoTech.net
> >> This posting is provided "AS IS" with no warranties.
> >> "Galop" <(E-Mail Removed)> wrote in message
> >> news:0B35BC5E-67D7-4CFA-B251-(E-Mail Removed)...
> >> >I have W2K server connected to internet over DSL. The ISP has provided
> >> > 68.236.x.y static address. I have configured this all as per
> >> > http://www.smallbizserver.net/Default.aspx?tabid=52 (but without a ISA
> >> > server). All is fine.
> >> >
> >> > I want to connect my home Laptop to this server over VPN/internet to
> >> > share
> >> > the resources by "Map network drive" option. My home computer is an XP
> >> > and
> >> > connects internet via a cable modem. I can ping my server's IP address.
> >> > But
> >> > unable to connect to it over VPN client setup.
> >> >
> >> > I have perfomed the same test successfully with my Laptop in the office
> >> > and
> >> > the VPN server address is set to local 192.168.10.z I guess, the static
> >> > IP
> >> > on
> >> > the Linksys router is not passing the traffic to Servers' Internal NIC?
> >> > Any
> >> > suggestions how to resolve this?
> >>
> >>
> >>
>
>
>

Right. On the LinkSys router, do you have tcp port 1723 forwarded to the
server's private IP of 192.168.1.10 ?

If you have done this and you are getting error 800, change the settings
on the client machine to use pptp rather than automatic. 800 is a very
general message and just means you can't connect (which you already knew).
Forcing the client to use pptp will give you a more specific error which
might mean something useful.


"Galop" <(E-Mail Removed)> wrote in message
news:750345C4-1620-49B6-95BE-(E-Mail Removed)...
>I think something is mis understood. It is like this.
>
> W2K server with two nics. 192.168.16.2 is internal LAN and 192.168.1.10 is
> for external WAN. this external nic is connected to LinkSys router and the
> WAN port of this rouetr is connected to DSL modem's RJ45. DSL modem
> connects
> to ISP. The ISP has allocated us a static IP 68.236.x.y which is
> configured
> on the WAN port of the LinkSys router.
>
> After reading Robert's input, I have also opened the ports 1723, 50, 51
> for
> TCP and 1701, 500 for UDP. Still I get the same error.
>
> "Bill Grant" wrote:
>
>> You say that your server has two NICs, both with private IP addresses.
>> What device has the public IP?
>>
>> From your home machine, you can only connect to a public IP through
>> the
>> Internet. To make a VPN connection to a device with a private IP, you
>> must
>> forward the required port (tcp port 1723 for pptp) from the device with
>> the
>> public IP to your RRAS server's private IP. The client reaches the public
>> IP
>> through the Internet, and port forwarding extends the link to the machine
>> on
>> the private LAN.
>>
>> "Galop" <(E-Mail Removed)> wrote in message
>> news:4E6940BB-1049-42AA-AAD7-(E-Mail Removed)...
>> > Robert,
>> >
>> > I could not locate a solution for my issue on the link provided by you.
>> >
>> > The error I get, when trying to VPN connection is:
>> >
>> > "Error800: Unable to establish the VPN connection. The VPN server may
>> > be
>> > unreachable, or security parameters may not be configured properly for
>> > this
>> > connection".
>> >
>> > I get error if I provide my VPN server address is 68.236.x.y (static
>> > IP,
>> > configured on the router). I can ping to this ip successfully.
>> >
>> > I donot get any error if I provide my VPN server address as
>> > 192.168.16.2
>> > OR
>> > 192.168.1.10 (Two Nic cards of my server).
>> >
>> > "Robert L [MS-MVP]" wrote:
>> >
>> >> you may need open the ports on the router. quoted from
>> >> http://www.howtonetworking.com/vpnsetup.htm
>> >> Which ports need to be opened for running VPN
>> >>
>> >> A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port
>> >> 1701;
>> >> IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a
>> >> protocol
>> >> number and not TCP port. The protocol name is GRE. It'll make a big
>> >> difference when configuring your firewall or router.
>> >>
>> >> Don't send e-mail or reply to me except you need consulting services.
>> >> Posting on MS newsgroup will benefit all readers and you may get more
>> >> help.
>> >>
>> >> Bob Lin, MS-MVP, MCSE & CNE
>> >> How to Setup Windows, Network, Remote Access on
>> >> http://www.HowToNetworking.com
>> >> Networking, Internet, Routing, VPN Troubleshooting on
>> >> http://www.ChicagoTech.net
>> >> This posting is provided "AS IS" with no warranties.
>> >> "Galop" <(E-Mail Removed)> wrote in message
>> >> news:0B35BC5E-67D7-4CFA-B251-(E-Mail Removed)...
>> >> >I have W2K server connected to internet over DSL. The ISP has
>> >> >provided
>> >> > 68.236.x.y static address. I have configured this all as per
>> >> > http://www.smallbizserver.net/Default.aspx?tabid=52 (but without a
>> >> > ISA
>> >> > server). All is fine.
>> >> >
>> >> > I want to connect my home Laptop to this server over VPN/internet to
>> >> > share
>> >> > the resources by "Map network drive" option. My home computer is an
>> >> > XP
>> >> > and
>> >> > connects internet via a cable modem. I can ping my server's IP
>> >> > address.
>> >> > But
>> >> > unable to connect to it over VPN client setup.
>> >> >
>> >> > I have perfomed the same test successfully with my Laptop in the
>> >> > office
>> >> > and
>> >> > the VPN server address is set to local 192.168.10.z I guess, the
>> >> > static
>> >> > IP
>> >> > on
>> >> > the Linksys router is not passing the traffic to Servers' Internal
>> >> > NIC?
>> >> > Any
>> >> > suggestions how to resolve this?
>> >>
>> >>
>> >>
>>
>>
>>

Yeah, I have port 1723 forwarded to 192.168.1.10 on the LinkSys. I think the
issue could be something related to LinkSys only setrup. As you said, I have
configured the client for PPTP. The error is 678.

"Bill Grant" wrote:

> Right. On the LinkSys router, do you have tcp port 1723 forwarded to the
> server's private IP of 192.168.1.10 ?
>
> If you have done this and you are getting error 800, change the settings
> on the client machine to use pptp rather than automatic. 800 is a very
> general message and just means you can't connect (which you already knew).
> Forcing the client to use pptp will give you a more specific error which
> might mean something useful.
>
>
> "Galop" <(E-Mail Removed)> wrote in message
> news:750345C4-1620-49B6-95BE-(E-Mail Removed)...
> >I think something is mis understood. It is like this.
> >
> > W2K server with two nics. 192.168.16.2 is internal LAN and 192.168.1.10 is
> > for external WAN. this external nic is connected to LinkSys router and the
> > WAN port of this rouetr is connected to DSL modem's RJ45. DSL modem
> > connects
> > to ISP. The ISP has allocated us a static IP 68.236.x.y which is
> > configured
> > on the WAN port of the LinkSys router.
> >
> > After reading Robert's input, I have also opened the ports 1723, 50, 51
> > for
> > TCP and 1701, 500 for UDP. Still I get the same error.
> >
> > "Bill Grant" wrote:
> >
> >> You say that your server has two NICs, both with private IP addresses.
> >> What device has the public IP?
> >>
> >> From your home machine, you can only connect to a public IP through
> >> the
> >> Internet. To make a VPN connection to a device with a private IP, you
> >> must
> >> forward the required port (tcp port 1723 for pptp) from the device with
> >> the
> >> public IP to your RRAS server's private IP. The client reaches the public
> >> IP
> >> through the Internet, and port forwarding extends the link to the machine
> >> on
> >> the private LAN.
> >>
> >> "Galop" <(E-Mail Removed)> wrote in message
> >> news:4E6940BB-1049-42AA-AAD7-(E-Mail Removed)...
> >> > Robert,
> >> >
> >> > I could not locate a solution for my issue on the link provided by you.
> >> >
> >> > The error I get, when trying to VPN connection is:
> >> >
> >> > "Error800: Unable to establish the VPN connection. The VPN server may
> >> > be
> >> > unreachable, or security parameters may not be configured properly for
> >> > this
> >> > connection".
> >> >
> >> > I get error if I provide my VPN server address is 68.236.x.y (static
> >> > IP,
> >> > configured on the router). I can ping to this ip successfully.
> >> >
> >> > I donot get any error if I provide my VPN server address as
> >> > 192.168.16.2
> >> > OR
> >> > 192.168.1.10 (Two Nic cards of my server).
> >> >
> >> > "Robert L [MS-MVP]" wrote:
> >> >
> >> >> you may need open the ports on the router. quoted from
> >> >> http://www.howtonetworking.com/vpnsetup.htm
> >> >> Which ports need to be opened for running VPN
> >> >>
> >> >> A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP Port
> >> >> 1701;
> >> >> IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a
> >> >> protocol
> >> >> number and not TCP port. The protocol name is GRE. It'll make a big
> >> >> difference when configuring your firewall or router.
> >> >>
> >> >> Don't send e-mail or reply to me except you need consulting services.
> >> >> Posting on MS newsgroup will benefit all readers and you may get more
> >> >> help.
> >> >>
> >> >> Bob Lin, MS-MVP, MCSE & CNE
> >> >> How to Setup Windows, Network, Remote Access on
> >> >> http://www.HowToNetworking.com
> >> >> Networking, Internet, Routing, VPN Troubleshooting on
> >> >> http://www.ChicagoTech.net
> >> >> This posting is provided "AS IS" with no warranties.
> >> >> "Galop" <(E-Mail Removed)> wrote in message
> >> >> news:0B35BC5E-67D7-4CFA-B251-(E-Mail Removed)...
> >> >> >I have W2K server connected to internet over DSL. The ISP has
> >> >> >provided
> >> >> > 68.236.x.y static address. I have configured this all as per
> >> >> > http://www.smallbizserver.net/Default.aspx?tabid=52 (but without a
> >> >> > ISA
> >> >> > server). All is fine.
> >> >> >
> >> >> > I want to connect my home Laptop to this server over VPN/internet to
> >> >> > share
> >> >> > the resources by "Map network drive" option. My home computer is an
> >> >> > XP
> >> >> > and
> >> >> > connects internet via a cable modem. I can ping my server's IP
> >> >> > address.
> >> >> > But
> >> >> > unable to connect to it over VPN client setup.
> >> >> >
> >> >> > I have perfomed the same test successfully with my Laptop in the
> >> >> > office
> >> >> > and
> >> >> > the VPN server address is set to local 192.168.10.z I guess, the
> >> >> > static
> >> >> > IP
> >> >> > on
> >> >> > the Linksys router is not passing the traffic to Servers' Internal
> >> >> > NIC?
> >> >> > Any
> >> >> > suggestions how to resolve this?
> >> >>
> >> >>
> >> >>
> >>
> >>
> >>
>
>
>

That means the server didn't answer. It shouldn't happen if tcp port
1723 is forwarded to the server. Any firewalls in the path?

"Galop" <(E-Mail Removed)> wrote in message
news:AFA7F8D0-6880-4039-8B41-(E-Mail Removed)...
> Yeah, I have port 1723 forwarded to 192.168.1.10 on the LinkSys. I think
> the
> issue could be something related to LinkSys only setrup. As you said, I
> have
> configured the client for PPTP. The error is 678.
>
> "Bill Grant" wrote:
>
>> Right. On the LinkSys router, do you have tcp port 1723 forwarded to
>> the
>> server's private IP of 192.168.1.10 ?
>>
>> If you have done this and you are getting error 800, change the
>> settings
>> on the client machine to use pptp rather than automatic. 800 is a very
>> general message and just means you can't connect (which you already
>> knew).
>> Forcing the client to use pptp will give you a more specific error which
>> might mean something useful.
>>
>>
>> "Galop" <(E-Mail Removed)> wrote in message
>> news:750345C4-1620-49B6-95BE-(E-Mail Removed)...
>> >I think something is mis understood. It is like this.
>> >
>> > W2K server with two nics. 192.168.16.2 is internal LAN and 192.168.1.10
>> > is
>> > for external WAN. this external nic is connected to LinkSys router and
>> > the
>> > WAN port of this rouetr is connected to DSL modem's RJ45. DSL modem
>> > connects
>> > to ISP. The ISP has allocated us a static IP 68.236.x.y which is
>> > configured
>> > on the WAN port of the LinkSys router.
>> >
>> > After reading Robert's input, I have also opened the ports 1723, 50, 51
>> > for
>> > TCP and 1701, 500 for UDP. Still I get the same error.
>> >
>> > "Bill Grant" wrote:
>> >
>> >> You say that your server has two NICs, both with private IP
>> >> addresses.
>> >> What device has the public IP?
>> >>
>> >> From your home machine, you can only connect to a public IP
>> >> through
>> >> the
>> >> Internet. To make a VPN connection to a device with a private IP, you
>> >> must
>> >> forward the required port (tcp port 1723 for pptp) from the device
>> >> with
>> >> the
>> >> public IP to your RRAS server's private IP. The client reaches the
>> >> public
>> >> IP
>> >> through the Internet, and port forwarding extends the link to the
>> >> machine
>> >> on
>> >> the private LAN.
>> >>
>> >> "Galop" <(E-Mail Removed)> wrote in message
>> >> news:4E6940BB-1049-42AA-AAD7-(E-Mail Removed)...
>> >> > Robert,
>> >> >
>> >> > I could not locate a solution for my issue on the link provided by
>> >> > you.
>> >> >
>> >> > The error I get, when trying to VPN connection is:
>> >> >
>> >> > "Error800: Unable to establish the VPN connection. The VPN server
>> >> > may
>> >> > be
>> >> > unreachable, or security parameters may not be configured properly
>> >> > for
>> >> > this
>> >> > connection".
>> >> >
>> >> > I get error if I provide my VPN server address is 68.236.x.y (static
>> >> > IP,
>> >> > configured on the router). I can ping to this ip successfully.
>> >> >
>> >> > I donot get any error if I provide my VPN server address as
>> >> > 192.168.16.2
>> >> > OR
>> >> > 192.168.1.10 (Two Nic cards of my server).
>> >> >
>> >> > "Robert L [MS-MVP]" wrote:
>> >> >
>> >> >> you may need open the ports on the router. quoted from
>> >> >> http://www.howtonetworking.com/vpnsetup.htm
>> >> >> Which ports need to be opened for running VPN
>> >> >>
>> >> >> A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP
>> >> >> Port
>> >> >> 1701;
>> >> >> IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a
>> >> >> protocol
>> >> >> number and not TCP port. The protocol name is GRE. It'll make a big
>> >> >> difference when configuring your firewall or router.
>> >> >>
>> >> >> Don't send e-mail or reply to me except you need consulting
>> >> >> services.
>> >> >> Posting on MS newsgroup will benefit all readers and you may get
>> >> >> more
>> >> >> help.
>> >> >>
>> >> >> Bob Lin, MS-MVP, MCSE & CNE
>> >> >> How to Setup Windows, Network, Remote Access on
>> >> >> http://www.HowToNetworking.com
>> >> >> Networking, Internet, Routing, VPN Troubleshooting on
>> >> >> http://www.ChicagoTech.net
>> >> >> This posting is provided "AS IS" with no warranties.
>> >> >> "Galop" <(E-Mail Removed)> wrote in message
>> >> >> news:0B35BC5E-67D7-4CFA-B251-(E-Mail Removed)...
>> >> >> >I have W2K server connected to internet over DSL. The ISP has
>> >> >> >provided
>> >> >> > 68.236.x.y static address. I have configured this all as per
>> >> >> > http://www.smallbizserver.net/Default.aspx?tabid=52 (but without
>> >> >> > a
>> >> >> > ISA
>> >> >> > server). All is fine.
>> >> >> >
>> >> >> > I want to connect my home Laptop to this server over VPN/internet
>> >> >> > to
>> >> >> > share
>> >> >> > the resources by "Map network drive" option. My home computer is
>> >> >> > an
>> >> >> > XP
>> >> >> > and
>> >> >> > connects internet via a cable modem. I can ping my server's IP
>> >> >> > address.
>> >> >> > But
>> >> >> > unable to connect to it over VPN client setup.
>> >> >> >
>> >> >> > I have perfomed the same test successfully with my Laptop in the
>> >> >> > office
>> >> >> > and
>> >> >> > the VPN server address is set to local 192.168.10.z I guess, the
>> >> >> > static
>> >> >> > IP
>> >> >> > on
>> >> >> > the Linksys router is not passing the traffic to Servers'
>> >> >> > Internal
>> >> >> > NIC?
>> >> >> > Any
>> >> >> > suggestions how to resolve this?
>> >> >>
>> >> >>
>> >> >>
>> >>
>> >>
>> >>
>>
>>
>>

No. The firewall on the router is disabled.

"Bill Grant" wrote:

> That means the server didn't answer. It shouldn't happen if tcp port
> 1723 is forwarded to the server. Any firewalls in the path?
>
> "Galop" <(E-Mail Removed)> wrote in message
> news:AFA7F8D0-6880-4039-8B41-(E-Mail Removed)...
> > Yeah, I have port 1723 forwarded to 192.168.1.10 on the LinkSys. I think
> > the
> > issue could be something related to LinkSys only setrup. As you said, I
> > have
> > configured the client for PPTP. The error is 678.
> >
> > "Bill Grant" wrote:
> >
> >> Right. On the LinkSys router, do you have tcp port 1723 forwarded to
> >> the
> >> server's private IP of 192.168.1.10 ?
> >>
> >> If you have done this and you are getting error 800, change the
> >> settings
> >> on the client machine to use pptp rather than automatic. 800 is a very
> >> general message and just means you can't connect (which you already
> >> knew).
> >> Forcing the client to use pptp will give you a more specific error which
> >> might mean something useful.
> >>
> >>
> >> "Galop" <(E-Mail Removed)> wrote in message
> >> news:750345C4-1620-49B6-95BE-(E-Mail Removed)...
> >> >I think something is mis understood. It is like this.
> >> >
> >> > W2K server with two nics. 192.168.16.2 is internal LAN and 192.168.1.10
> >> > is
> >> > for external WAN. this external nic is connected to LinkSys router and
> >> > the
> >> > WAN port of this rouetr is connected to DSL modem's RJ45. DSL modem
> >> > connects
> >> > to ISP. The ISP has allocated us a static IP 68.236.x.y which is
> >> > configured
> >> > on the WAN port of the LinkSys router.
> >> >
> >> > After reading Robert's input, I have also opened the ports 1723, 50, 51
> >> > for
> >> > TCP and 1701, 500 for UDP. Still I get the same error.
> >> >
> >> > "Bill Grant" wrote:
> >> >
> >> >> You say that your server has two NICs, both with private IP
> >> >> addresses.
> >> >> What device has the public IP?
> >> >>
> >> >> From your home machine, you can only connect to a public IP
> >> >> through
> >> >> the
> >> >> Internet. To make a VPN connection to a device with a private IP, you
> >> >> must
> >> >> forward the required port (tcp port 1723 for pptp) from the device
> >> >> with
> >> >> the
> >> >> public IP to your RRAS server's private IP. The client reaches the
> >> >> public
> >> >> IP
> >> >> through the Internet, and port forwarding extends the link to the
> >> >> machine
> >> >> on
> >> >> the private LAN.
> >> >>
> >> >> "Galop" <(E-Mail Removed)> wrote in message
> >> >> news:4E6940BB-1049-42AA-AAD7-(E-Mail Removed)...
> >> >> > Robert,
> >> >> >
> >> >> > I could not locate a solution for my issue on the link provided by
> >> >> > you.
> >> >> >
> >> >> > The error I get, when trying to VPN connection is:
> >> >> >
> >> >> > "Error800: Unable to establish the VPN connection. The VPN server
> >> >> > may
> >> >> > be
> >> >> > unreachable, or security parameters may not be configured properly
> >> >> > for
> >> >> > this
> >> >> > connection".
> >> >> >
> >> >> > I get error if I provide my VPN server address is 68.236.x.y (static
> >> >> > IP,
> >> >> > configured on the router). I can ping to this ip successfully.
> >> >> >
> >> >> > I donot get any error if I provide my VPN server address as
> >> >> > 192.168.16.2
> >> >> > OR
> >> >> > 192.168.1.10 (Two Nic cards of my server).
> >> >> >
> >> >> > "Robert L [MS-MVP]" wrote:
> >> >> >
> >> >> >> you may need open the ports on the router. quoted from
> >> >> >> http://www.howtonetworking.com/vpnsetup.htm
> >> >> >> Which ports need to be opened for running VPN
> >> >> >>
> >> >> >> A: PPTP VPN uses TCP Port 1723, IP Protocol 47 (GRE); L2TP: UDP
> >> >> >> Port
> >> >> >> 1701;
> >> >> >> IPSec: UDP Port 500, Pass IP protocol 50 and 51. Note: 47 is a
> >> >> >> protocol
> >> >> >> number and not TCP port. The protocol name is GRE. It'll make a big
> >> >> >> difference when configuring your firewall or router.
> >> >> >>
> >> >> >> Don't send e-mail or reply to me except you need consulting
> >> >> >> services.
> >> >> >> Posting on MS newsgroup will benefit all readers and you may get
> >> >> >> more
> >> >> >> help.
> >> >> >>
> >> >> >> Bob Lin, MS-MVP, MCSE & CNE
> >> >> >> How to Setup Windows, Network, Remote Access on
> >> >> >> http://www.HowToNetworking.com
> >> >> >> Networking, Internet, Routing, VPN Troubleshooting on
> >> >> >> http://www.ChicagoTech.net
> >> >> >> This posting is provided "AS IS" with no warranties.
> >> >> >> "Galop" <(E-Mail Removed)> wrote in message
> >> >> >> news:0B35BC5E-67D7-4CFA-B251-(E-Mail Removed)...
> >> >> >> >I have W2K server connected to internet over DSL. The ISP has
> >> >> >> >provided
> >> >> >> > 68.236.x.y static address. I have configured this all as per
> >> >> >> > http://www.smallbizserver.net/Default.aspx?tabid=52 (but without
> >> >> >> > a
> >> >> >> > ISA
> >> >> >> > server). All is fine.
> >> >> >> >
> >> >> >> > I want to connect my home Laptop to this server over VPN/internet
> >> >> >> > to
> >> >> >> > share
> >> >> >> > the resources by "Map network drive" option. My home computer is
> >> >> >> > an
> >> >> >> > XP
> >> >> >> > and
> >> >> >> > connects internet via a cable modem. I can ping my server's IP
> >> >> >> > address.
> >> >> >> > But
> >> >> >> > unable to connect to it over VPN client setup.
> >> >> >> >
> >> >> >> > I have perfomed the same test successfully with my Laptop in the
> >> >> >> > office
> >> >> >> > and
> >> >> >> > the VPN server address is set to local 192.168.10.z I guess, the
> >> >> >> > static
> >> >> >> > IP
> >> >> >> > on
> >> >> >> > the Linksys router is not passing the traffic to Servers'
> >> >> >> > Internal
> >> >> >> > NIC?
> >> >> >> > Any
> >> >> >> > suggestions how to resolve this?
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >> >>
> >> >>
> >>
> >>
> >>
>
>
>