?
Solved

Setting up VPN with Windows 2000

Posted on 2003-03-07
10
Medium Priority
?
201 Views
Last Modified: 2010-03-18
I am killing myself over this one...

I have an established domain (W2K AD).  I had a .NET 2003 server running VPN, no problems.  I tweaked something and it stopped working.  I decided to 86 the .NET server and stick with W2K, but can not get the VPN to work again.  I have TCP1723 forwarded through the firewall to the VPN server, RAS is installed on the VPN server...IT WORKS internally, but if I try and hit it from an external machine via TCP/IP, it hangs on verifying username/password. (so it's getting to the server).  I got some errors in the event viewer about L2TP certificates....(did not have one installed before and it worked (with .NET))...installed one anyways, still no dice.  I get nothing in event viewer now, after installing the certificate server..UGH!

I have combed through the settings for RRAS serval billion times, PLUS it works perfectly internally...what the heck am I missing here?

Please help me, I can not afford to throw anymore equipment against the wall!!! hehe

-=tspelman


0
Comment
Question by:tspelman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 8089965
Do you also have GRE (protocol 47) forwarded at your firewall?
0
 

Author Comment

by:tspelman
ID: 8090004
Not that I know of.  I have a DFL-300 and see no place to forward a protocol, just a service.  

-=ts
0
 

Author Comment

by:tspelman
ID: 8090006
Not that I know of.  I have a DFL-300 and see no place to forward a protocol, just a service.  

-=ts
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 79

Expert Comment

by:lrmoore
ID: 8090013
Do you have an option to put one inside host into a "DMZ" to forward everything to it?
0
 

Author Comment

by:tspelman
ID: 8090022
DMZ is not configured, the VPN is running on the same server as my DC (for testing purposes).

-=ts
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8090057
More info for you:
PPTP traffic consists of a TCP connection for tunnel maintenance and GRE encapsulation for tunneled data. The TCP connection is NAT-translatable because the source TCP port numbers can be transparently translated. However, the GRE-encapsulated data is not NAT-translatable

http://support.microsoft.com/default.aspx?scid=kb;en-us;308208
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp?url=/windows2000/techinfo/reskit/en-us/intwork/inbe_vpn_hidv.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/columns/tips/15tipsfo.asp

0
 

Expert Comment

by:AltonD
ID: 8093404
Did you add the vpn server to the "RAS and IAS" security group?

0
 

Author Comment

by:tspelman
ID: 10117327
Silly me finally realized that the DFL-300 will not pass PPtP through, because it has a built in VPN server, so thanks to everyone for their thoughts! Problem solved.
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 10912697
PAQed, with points refunded (50)

CetusMOD
Community Support Moderator
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question