Windows 2003 RRAS VPN configuration

Hi
I am trying to set up a PPTP tunnel between our server and another site
and have got stuck.

Our set up is this we have a Windows 2003 server behind a Sonicwall
Firewall which does not accept PPTP VPN's, my answer to this is to set
up a PPTP VPN to my server.

I have tried this and got to the point were when I ping something on
the remote network from the server in question it connects and allows
traffic to passs between the two.

The trouble is I cannot get my pc to use this connection, I have tried
adding a route to my pc to redirect attempts to connect to the server
but this does not work.

Can someone please tell me which part I am missing as it is driving me
nuts, my guess is its something to do with filters but I could be wong.

Please help

Anthony

I don't understand this "a Sonicwall Firewall which does not accept PPTP VPN's, my answer to this is to set
up a PPTP VPN to my server". Assuming the Sonicwall can't be setup as PPTP server but it can do PPTP pass through and the server can ping remote site, what different of the server and PC? Do they use the Sonicwall as default gateway?

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
<(E-Mail Removed)> wrote in message news:(E-Mail Removed) oups.com...
Hi
I am trying to set up a PPTP tunnel between our server and another site
and have got stuck.

Our set up is this we have a Windows 2003 server behind a Sonicwall
Firewall which does not accept PPTP VPN's, my answer to this is to set
up a PPTP VPN to my server.

I have tried this and got to the point were when I ping something on
the remote network from the server in question it connects and allows
traffic to passs between the two.

The trouble is I cannot get my pc to use this connection, I have tried
adding a route to my pc to redirect attempts to connect to the server
but this does not work.

Can someone please tell me which part I am missing as it is driving me
nuts, my guess is its something to do with filters but I could be wong.

Please help

Anthony

Hi Robert

Sorry I ws not very clear, what I meant was SonicWall firewalls will
not terminate a PPTP VPN they will quite happily pass the traffic
through to an internal server so it can be terminated there.

Yes both devices use the Sonicwall as the default gateway.

Anthony



Robert L [MVP - Networking] wrote:
> I don't understand this "a Sonicwall Firewall which does not accept PPTP VPN's, my answer to this is to set
> up a PPTP VPN to my server". Assuming the Sonicwall can't be setup as PPTP server but it can do PPTP pass through and the server can ping remote site, what different of the server and PC? Do they use the Sonicwall as default gateway?
>
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
> <(E-Mail Removed)> wrote in message news:(E-Mail Removed) oups.com...
> Hi
> I am trying to set up a PPTP tunnel between our server and another site
> and have got stuck.
>
> Our set up is this we have a Windows 2003 server behind a Sonicwall
> Firewall which does not accept PPTP VPN's, my answer to this is to set
> up a PPTP VPN to my server.
>
> I have tried this and got to the point were when I ping something on
> the remote network from the server in question it connects and allows
> traffic to passs between the two.
>
> The trouble is I cannot get my pc to use this connection, I have tried
> adding a route to my pc to redirect attempts to connect to the server
> but this does not work.
>
> Can someone please tell me which part I am missing as it is driving me
> nuts, my guess is its something to do with filters but I could be wong.
>
> Please help
>
> Anthony
>
> ------=_NextPart_000_001D_01C7139B.C3DDF370
> Content-Type: text/html; charset=iso-8859-1
> Content-Transfer-Encoding: quoted-printable
> X-Google-AttachSize: 2303
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
> <META content="MSHTML 6.00.2900.2995" name=GENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=#ffffff>
> <DIV>I don't understand this "a Sonicwall Firewall which does not accept PPTP
> VPN's, my answer to this is to set<BR>up a PPTP VPN to my server". Assuming the
> Sonicwall can't be setup as PPTP server but it can do PPTP pass through and the
> server can ping remote site, what different of the server and PC? Do they use
> the Sonicwall as default gateway?</DIV>
> <DIV><BR>Bob Lin, MS-MVP, MCSE &amp; CNE<BR>Networking, Internet, Routing, VPN
> Troubleshooting on <A
> href="http://www.ChicagoTech.net">http://www.ChicagoTech.net</A> <BR>How to
> Setup Windows, Network, VPN &amp; Remote Access on <A
> href="http://www.HowToNetworking.com">http://www.HowToNetworking.com</A> </DIV>
> <BLOCKQUOTE
> style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
> <DIV>&lt;<A href="private.php?do=newpm&u=">alamb200@hotmai l.com</A>&gt;
> wrote in message <A
> href="news:(E-Mail Removed) oglegroups.com">news:1164797811.232196.321770@l39g 2000cwd.googlegroups.com</A>...</DIV>Hi<BR>I
> am trying to set up a PPTP tunnel between our server and another site<BR>and
> have got stuck.<BR><BR>Our set up is this we have a Windows 2003 server behind
> a Sonicwall<BR>Firewall which does not accept PPTP VPN's, my answer to this is
> to set<BR>up a PPTP VPN to my server.<BR><BR>I have tried this and got to the
> point were when I ping something on<BR>the remote network from the server in
> question it connects and allows<BR>traffic to passs between the
> two.<BR><BR>The trouble is I cannot get my pc to use this connection, I have
> tried<BR>adding a route to my pc to redirect attempts to connect to the
> server<BR>but this does not work.<BR><BR>Can someone please tell me which part
> I am missing as it is driving me<BR>nuts, my guess is its something to do with
> filters but I could be wong.<BR><BR>Please
> help<BR><BR>Anthony<BR></BLOCKQUOTE></BODY></HTML>
>
> ------=_NextPart_000_001D_01C7139B.C3DDF370--

Does "my answer to this is to set up a PPTP VPN to my server" mean you have RRAS enable on the Windows server? Comparing both server and client routing by using tracert command or post back here.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
<(E-Mail Removed)> wrote in message news:(E-Mail Removed) ups.com...
Hi Robert

Sorry I ws not very clear, what I meant was SonicWall firewalls will
not terminate a PPTP VPN they will quite happily pass the traffic
through to an internal server so it can be terminated there.

Yes both devices use the Sonicwall as the default gateway.

Anthony



Robert L [MVP - Networking] wrote:
> I don't understand this "a Sonicwall Firewall which does not accept PPTP VPN's, my answer to this is to set
> up a PPTP VPN to my server". Assuming the Sonicwall can't be setup as PPTP server but it can do PPTP pass through and the server can ping remote site, what different of the server and PC? Do they use the Sonicwall as default gateway?
>
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
> <(E-Mail Removed)> wrote in message news:(E-Mail Removed) oups.com...
> Hi
> I am trying to set up a PPTP tunnel between our server and another site
> and have got stuck.
>
> Our set up is this we have a Windows 2003 server behind a Sonicwall
> Firewall which does not accept PPTP VPN's, my answer to this is to set
> up a PPTP VPN to my server.
>
> I have tried this and got to the point were when I ping something on
> the remote network from the server in question it connects and allows
> traffic to passs between the two.
>
> The trouble is I cannot get my pc to use this connection, I have tried
> adding a route to my pc to redirect attempts to connect to the server
> but this does not work.
>
> Can someone please tell me which part I am missing as it is driving me
> nuts, my guess is its something to do with filters but I could be wong.
>
> Please help
>
> Anthony
>
> ------=_NextPart_000_001D_01C7139B.C3DDF370
> Content-Type: text/html; charset=iso-8859-1
> Content-Transfer-Encoding: quoted-printable
> X-Google-AttachSize: 2303
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
> <META content="MSHTML 6.00.2900.2995" name=GENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=#ffffff>
> <DIV>I don't understand this "a Sonicwall Firewall which does not accept PPTP
> VPN's, my answer to this is to set<BR>up a PPTP VPN to my server". Assuming the
> Sonicwall can't be setup as PPTP server but it can do PPTP pass through and the
> server can ping remote site, what different of the server and PC? Do they use
> the Sonicwall as default gateway?</DIV>
> <DIV><BR>Bob Lin, MS-MVP, MCSE &amp; CNE<BR>Networking, Internet, Routing, VPN
> Troubleshooting on <A
> href="http://www.ChicagoTech.net">http://www.ChicagoTech.net</A> <BR>How to
> Setup Windows, Network, VPN &amp; Remote Access on <A
> href="http://www.HowToNetworking.com">http://www.HowToNetworking.com</A> </DIV>
> <BLOCKQUOTE
> style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
> <DIV>&lt;<A href="private.php?do=newpm&u=">alamb200@hotmai l.com</A>&gt;
> wrote in message <A
> href="news:(E-Mail Removed) oglegroups.com">news:1164797811.232196.321770@l39g 2000cwd.googlegroups.com</A>...</DIV>Hi<BR>I
> am trying to set up a PPTP tunnel between our server and another site<BR>and
> have got stuck.<BR><BR>Our set up is this we have a Windows 2003 server behind
> a Sonicwall<BR>Firewall which does not accept PPTP VPN's, my answer to this is
> to set<BR>up a PPTP VPN to my server.<BR><BR>I have tried this and got to the
> point were when I ping something on<BR>the remote network from the server in
> question it connects and allows<BR>traffic to passs between the
> two.<BR><BR>The trouble is I cannot get my pc to use this connection, I have
> tried<BR>adding a route to my pc to redirect attempts to connect to the
> server<BR>but this does not work.<BR><BR>Can someone please tell me which part
> I am missing as it is driving me<BR>nuts, my guess is its something to do with
> filters but I could be wong.<BR><BR>Please
> help<BR><BR>Anthony<BR></BLOCKQUOTE></BODY></HTML>
>
> ------=_NextPart_000_001D_01C7139B.C3DDF370--

A normal VPN connection is simply a client-server connection. It only
allows the client machine to access the remote site. It does not set up
routing to enable other machines to use the connection.

To allow machines (other than your server) to access machines at the
remote site you will need to set up a routed connection. These are described
as LAN to LAN VPN, site to site VPN or router to router VPN. Whatever name
is used it amounts to the same thing.

Here is the basic difference between the two types of connection. When
you set up a "normal" VPN connection, the client changes its default route
to be across the connection. The server sets up a host route back to the
client. The client itself has access to the remote site, but not other
machines on the same LAN as the client. The remote server only knows about
the client - it only has a host route back to that one machine.

When you set up a site to site VPN, the servers at both ends need to
have subnet routes linked to the connection. In RRAS you use demand dial
interfaces to achieve this. You link the subnet routes to the demand-dial
interfaces. When a connection is made to the dd interface, the static route
becomes active. If the connection is set up correctly and both dd interfaces
bind to the connection, each router has a subnet route to the "other" site
through the VPN connection. The VPN connection acts as a (slow) IP router
between the two sites. Other routing (including to the Internet) on the
sites is not affected.

That isn't the whole story. If the RRAS router is not the default
gateway of the LAN (as yours will not be) you need extra routing to get the
private traffic for the "other" LAN to the RRAS server to be encrypted and
encapsulated before it goes to the gateway router. Otherwise it arrives at
the gateway (by default routing) with a private address as the destination
and is lost.

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Hi
> I am trying to set up a PPTP tunnel between our server and another site
> and have got stuck.
>
> Our set up is this we have a Windows 2003 server behind a Sonicwall
> Firewall which does not accept PPTP VPN's, my answer to this is to set
> up a PPTP VPN to my server.
>
> I have tried this and got to the point were when I ping something on
> the remote network from the server in question it connects and allows
> traffic to passs between the two.
>
> The trouble is I cannot get my pc to use this connection, I have tried
> adding a route to my pc to redirect attempts to connect to the server
> but this does not work.
>
> Can someone please tell me which part I am missing as it is driving me
> nuts, my guess is its something to do with filters but I could be wong.
>
> Please help
>
> Anthony
>