Solved

Problem connecting to Win2K VPN Server behind Win2K NAT

Posted on 2004-04-08
6
762 Views
Last Modified: 2010-03-18
I have a Windows 2000 VPN server ... behind a Windows 2000 NAT server ... on the NAT server I have reserved one public IP for the private IP of the VPN server and allowed incoming sessions.  
From Internet I can reach the VPN server through telnet/web/ftp services, I can browse from the VPN server and initiate outbound VPN connections too. But when I try to initiate inbound connections from Internet to this VPN server, it fails saying that it has not found a valid certificate. But when I try to connect to the VPN server from inside my Intranet, I get through.

What could be the possible cause and remedy.
0
Comment
Question by:mitra_am
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Expert Comment

by:anupnellip
ID: 10782482
you need to forward TCP Port 1723 to your vpn server for this to work
0
 

Author Comment

by:mitra_am
ID: 10782679
How do I exactly do this ?

I have reserved the public IP address x.x.x.x for the internal IP address y.y.y.y

On the NAT router I have two cards, NIC named "Internet" connecting to Internet and "Intranet" connecting to my LAN.

Should I go to Routing and Remote Access in the NAT router and go to IP Routing -> Network Address Translation -> Properties of the interface "Internet" -> Special Ports ?

What should be the entries when I want to add a special port like:

1. "On this interface" or "On this address pool entry" - Which one to select ?
2. Incoming port and Outgoing port.
0
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 500 total points
ID: 10789084
"Should I go to Routing and Remote Access in the NAT router and go to IP Routing -> Network Address Translation -> Properties of the interface "Internet" -> Special Ports ?"

Yes, that is the right place. Specify the incoming port 1723 and forward it to the IP of the VPN server.
0

Featured Post

Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question