I have a Windows 2000 VPN server ... behind a Windows 2000 NAT server ... on the NAT server I have reserved one public IP for the private IP of the VPN server and allowed incoming sessions.
From Internet I can reach the VPN server through telnet/web/ftp services, I can browse from the VPN server and initiate outbound VPN connections too. But when I try to initiate inbound connections from Internet to this VPN server, it fails saying that it has not found a valid certificate. But when I try to connect to the VPN server from inside my Intranet, I get through.
What could be the possible cause and remedy.
Yes, that is the right place. Specify the incoming port 1723 and forward it to the IP of the VPN server.