Forward PPTP Port and GRE Protocol to Internal Server - SMC 8014 Business Gateway : SMC Networks, Business Gateway, 8014, Modem/Router

May 17, 2008 10:48am pdt

1. batry_boy 209,084
2. RobWill 183,875
3. arnold 81,143
4. lrmoore 72,848
5. mwecompu... 55,414
6. MrHusy 36,470
7. ebjers 35,950
8. mkielar 33,600
9. dpk_wal 28,673
10. Cyclops3590 27,700
11. trinak96 22,665
12. TechSoEasy 20,114
13. from_exp 19,775
14. stuknhawaii 18,075
15. johnb6767 16,522

1. RobWill 1,336,768
2. lrmoore 873,591
3. batry_boy 383,794
4. grblades 213,434
5. rsivanandan 138,641
6. calvinetter 112,055
7. TechSoEasy 93,193
8. arnold 83,143
9. dpk_wal 81,673
10. tim_holman 75,964
11. mwecompu... 73,214
12. MrHusy 69,744
13. keith_al... 69,385
14. ewtaylor 68,324
15. plemieux72 64,143

02.29.2008 at 11:36PM PST, ID: 23205866

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

7.6

Forward PPTP Port and GRE Protocol to Internal Server - SMC 8014 Business Gateway

Zones: Virtual Private Networking (VPN), Computer Modems, Network Routers

Tags: SMC Networks, Business Gateway, 8014, Modem/Router

Unfortunately simply forwarding port 1723 to my internal server is not enough to allow a PPTP connection on my company's SMC 8014 (Comcast). My guess would be the lack of controls offered logged in as user "CUSADMIN". I have logged into one of these devices before with Comcast's super user login - which offers far more granular controls, as well as access to so much more, including the actual modem (not router) settings. But, like an idiot, I did not save the username and password that Comcast uses (I actually found the login previously on Google - but am having no such luck tonight in relocating it), nor do I have the faintest memory of what it was. It would sure come in handy right about now.

So the question is: Does anyone know the super user login that Comcast uses to manage these SMC devices? Or, does anyone know if, even if I could log in as a super user, will I be able to properly setup PPTP forwarding? Sticking the server in the DMZ allows the PPTP connection to connect, but I certainly don't want to leave it there (in the DMZ)!

I am also aware that these devices apparently are capable of being a PPTP or L2TP endpoint, but would rather use my SBS server to handle authentication.

Thanks in advance for helping toward a solution.

note: I am using the Comcast provided SMC 8014 Modem/Router as the modem (of course) and router for my network. I have no additional routers between my network and Internet.

Start your free trial to view this solution

Question Stats

Zone: Software

Question Asked By: wleblanc

Solution Provided By: neopumpkin

Participating Experts: 1

Solution Grade: B

Translate:

Loading Advertisement...

Microsoft

Internet Protocols
Applications

Development
OS

Hardware
Windows Security

Apple

Operating Systems
Hardware

Programming
Networking

Software

Internet

Search Engines
File Sharing
WebTrends / Stats
Spy / Ad Blockers

Web Browsers
New Net Users
Web Development
Chat / IM

Anti Spam
Web Servers
Anti-Virus
Email Clients

Gamers

Tips
Online / MMORPG
Puzzle
Emulators

Action / Adventure
Role Playing
Consoles
Game Programming

Strategy
Sports
Misc
Computer Games

Digital Living

Hardware
New Net Users
New Users

Software
Digital Music
Gaming World

Home Security
Apple
Networking Hardware

Virus & Spyware

Vulnerabilities
IDS
Encryption
Anti-Virus

Operating Systems Security
Software Firewalls
WebApplications
Cell Phones

Operating Systems
Internet
Hardware Firewalls

Hardware

Handhelds / PDAs
Displays / Monitors
Components
Networking Hardware

Peripherals
Laptops/Notebooks
Storage
Servers

Desktops
New Users
Misc
Apple

Software

System Utilities
Industry Specific
Network Management
Photos / Graphics
Page Layout
VMWare
Misc
Web Development

OS
CYGWIN
Voice Recognition
Message Queue
Quality Assurance
Security
Firewalls
MultiMedia Applications

Development
Database
Office / Productivity
Business Management
OS/2 Apps
Server Software
Internet / Email

ITPro

OS
Storage
Encryption
Operating Systems Security
Apple Hardware
Laptops & Notebooks
Servers
Networking Hardware
Peripherals

Devices
Displays / Monitors
WebTrends / Stats
Search Engines
Firewalls
WebApplications
IDS
Vulnerabilities
Email Clients

File Sharing
Spy / Ad Blockers
Web Browsers
Web Servers
Networking
Anti-Virus
Chat / IM
Anti Spam

Developer

Web Servers
Web Browsers
Game Programming
Dev Tools
Industry Specific
Office / Productivity

Database
CYGWIN
Web Development
Search Engines
File Sharing
WebTrends / Stats

Programming
Content Management
Application Servers
Protocols

Storage

Removable Backup Media
Storage Technology
Servers

Grid
Remote Access
Backup / Restore

Misc
Hard Drives

Miscellaneous
Security
Development
Linux
VMWare

MainFrame OS
Unix
Apple
OS / 2
AS / 400

BeOS
Microsoft
VMS / OpenVMS

Database

Oracle
Miscellaneous
MySQL
Software
Sybase
Contact Management
PostgreSQL
Data Manipulation
Clarion
InterSystems Cache

Siebel
MUMPS
OLAP
SQLBase
SAS
GIS & GPS
4GL
Berkeley DB
DB2
Informix

Interbase / Firebird
FoxPro
Reporting
LDAP
Filemaker Pro
MS SQL Server
dBase
MS Access

Security

Misc
Web Browsers
Software Firewalls
Operating Systems Security
File Sharing

Spy / Ad Blockers
Vulnerabilities
WebApplications
IDS
Anti-Virus

Encryption
Anti Spam
Email Clients
VPN
Chat / IM

Programming

Editors IDEs
Installation
Handhelds / PDAs
Multimedia Programming
System / Kernel

Algorithms
Game
Signal Processing
Project Management
Open Source

Database
Misc
Languages
Processor Platforms
Theory

Web Development

Scripting
Blogs
Web Servers
Software
Search Engines
Web Graphics
Images

Internet Marketing
Images and Photos
Components
Document Imaging
Web Languages/Standards
Illustration
WebApplications

Fonts
WebTrends / Stats
Authoring
Digital Camera Software
Miscellaneous

Networking

Protocols
Apple Networking
Network Management
Message Queue
Application Servers
Content Management
File Servers
Email Servers
Misc
Java Editors & IDEs

Wireless
Networking Hardware
Backup / Restore
System Utilities
ISPs & Hosting
Web Servers
Storage Technology
Removable Backup Media
Servers
Broadband

Grid
OS / 2
Novell Netware
Unix Networking
Windows Networking
Security
Telecommunications
Operating Systems
Linux Networking

Other

Community Advisor
Lounge
Community Support
New Net Users

Philosophy / Religion
Math / Science
Miscellaneous
URLs

Expert Lounge
Politics
Puzzles / Riddles

Community Support

Suggestions
New to EE
New Topics
Community Advisor

CleanUp
Announcements
General

Feedback
Input
EE Bugs

02.29.2008 at 11:52PM PST, ID: 21020625

neopumpkin:

wleblanc,

you have a few different options here. you can give comcast a call and ask them whats up with blocking PPTP, or you could get yourself a decent router (i use SonicWALL equip), have comcast put their modem in transparent (or "bridge mode" as i've heard it referenced to) mode, which will in effect allow your router to control the port forwarding. unfortunately those comcast cable modems arent very friendly to setting up port forwarding and nat rules. another option here, seeing you're using SBS, is to use the RWW feature. you'll need to forward port 443 and port 4125 to the SBS, which should hopefully provide you with an alternative to remote access over PPTP on 1723.

unfortunately, i'm on Verizon FiOS and dont know much about cracking those comcast passwords. i have 1 customer who uses comcast and I believe the username was CUSADMIN as you mentioned and the password was "highspeed" or something like that. all lower case and no " ", of course.

i'd be curious to see if RWW works over PPTP. feel free to let us know how it works out for you and if you have any other questions. Thanks

Regards,

Jim P.

Accepted Solution

03.01.2008 at 01:11AM PST, ID: 21020812

wleblanc:

Jim,

Thanks for the reply. I think your first suggestion will likely be the route I take. My client would rather not add anymore expenses to this project, and for what little their needs are, I'd rather not complicate the network beyond its absolute current simplicicty unless absolutely needed - so I am going to try avoiding bringing in a separate router.

I actually wasn't aware of the Connection Manager tool in the RWW before now (which for those that don't know, it creates a VPN connection entry on the local PC, all pre-configured and everything - assuming all your server settings are correct). However, it would appear that it too requires the GRE protocol, as that connection hangs at username authentication the same as my manually configured PPTP connection does.

The other bummer about the Connect to Small Business Server VPN (Connection Manager) is that it would appear you cannot have multiple connections to different networks setup. Each time you download the Connection Manager from another server, it overwrites the previous. Would you happen to know if it sets the flag "Use default gateway on remote network" to on? That would be another strike against it if so, as there appears to be no way to disable it.

Thanks,

Wayne-

neopumpkin

03.05.2008 at 05:50AM PST, ID: 21050205

Wayne,

Sorry to hear about comcast - i can honestly say that i'm not surprised though.

I believe you are correct with the connection manager. I would imagine that by nstalling a second connection manager, you will in effect overwrite the first. A limitation set by SBS, I presume. While this is an alternative to setting up a windows VPN connection, it's not needed to use the RWW feature. Have you tried setting up and using RWW yet? I ask, because this is the most direct and easiest way to provide remote access to your users - they can use it from nearly any PC with IE and a broadband connection, without setting up and messing with any VPN connections. And if it works well enough for you and your users, you may save yourself some bucks without having to purchase a router to sit behind the comcast cable modem. Do you see whether it's possible to setup 2 port forwarding rules in the cable modem? You will want to forward tcp port 443 and tcp port 4125 to SBS for RWW tow ork. Whether RWW relies on GRE or not is a good question - giving RWW a try is a good method to rule that out. ;)

Feel free to let me know if you need a hand. Take it easy.

Regards,

Jim P.

wleblanc

03.05.2008 at 09:32AM PST, ID: 21052414

Hey Jim,

The RWW is where I found the connection manager - so yes, it is set up. However, it won't be of much use to my client as they need access to thousands of files stored on the server. There is no way I am going to try to put all that into SharePoint either. :)

Thanks again for your suggestions.

Wayne-

20080236-EE-VQP-29 / EE_QW_2_20070628