Windows 2003 VPN won't respond to packets forwarded by Linux router

My front end to the Internet is Linux. For a while I had
forwarded VPN traffic to a Windows 2000 Pro workstation.
But it only allowed one vpn connection.

So we got Windows 2003 Server put it in the same ip
address and went through the standard vpn configuration.
No response to the packets or a 781 error, complaining
about a missing certificate.

We issued our own certificate and ran packet dumps, but
the server simply does not respond. See this thread for
details:
http://forums1.itrc.hp.com/service/f...stionanswer.do
?threadId=624076

Mentioned articles here are:
http://support.microsoft.com/default.aspx?scid=kb;en-
us;247231

and

http://support.microsoft.com/default.aspx?scid=kb;en-
us;329858

Seems like we have a problem with Windows 2003 server.
I've disabled the firewall completely but it doesn't want
to respond to authentication requests. I simply don't
believe the VPN clients complaint about a certificate
being missing. You have to respond to the packets and this
box simply won't do that. I've proven that with packet
dumps. Because the VPN forwarding scheme did work with
2000 Pro, the problem seems to be the W2K3 box.

Also, note that on the internal network, VPN connections
work just fine.

SEP

Hi Steve,

did you check how your IP filters are setup on external network card on
Win2K3 server? Do you have correctly marked external and internal network
cards (IP filters are different for external or internal card!)

Are clients trusting the certificates that you issued? If you think the
problem is in certificates, use MS CHAP v2 for test, till it works with MS
CHAP v2 then switch to certificates.

Mike

"Steve Protter" <(E-Mail Removed)> wrote in message
news:5d6c01c474b3$422908d0$(E-Mail Removed)...
> My front end to the Internet is Linux. For a while I had
> forwarded VPN traffic to a Windows 2000 Pro workstation.
> But it only allowed one vpn connection.
>
> So we got Windows 2003 Server put it in the same ip
> address and went through the standard vpn configuration.
> No response to the packets or a 781 error, complaining
> about a missing certificate.
>
> We issued our own certificate and ran packet dumps, but
> the server simply does not respond. See this thread for
> details:
> http://forums1.itrc.hp.com/service/f...stionanswer.do
> ?threadId=624076
>
> Mentioned articles here are:
> http://support.microsoft.com/default.aspx?scid=kb;en-
> us;247231
>
> and
>
> http://support.microsoft.com/default.aspx?scid=kb;en-
> us;329858
>
> Seems like we have a problem with Windows 2003 server.
> I've disabled the firewall completely but it doesn't want
> to respond to authentication requests. I simply don't
> believe the VPN clients complaint about a certificate
> being missing. You have to respond to the packets and this
> box simply won't do that. I've proven that with packet
> dumps. Because the VPN forwarding scheme did work with
> 2000 Pro, the problem seems to be the W2K3 box.
>
> Also, note that on the internal network, VPN connections
> work just fine.
>
> SEP
>
>