Solved

Problem connecting to Win2K VPN Server behind Win2K NAT

Posted on 2004-04-08
6
768 Views
Last Modified: 2010-03-18
I have a Windows 2000 VPN server ... behind a Windows 2000 NAT server ... on the NAT server I have reserved one public IP for the private IP of the VPN server and allowed incoming sessions.  
From Internet I can reach the VPN server through telnet/web/ftp services, I can browse from the VPN server and initiate outbound VPN connections too. But when I try to initiate inbound connections from Internet to this VPN server, it fails saying that it has not found a valid certificate. But when I try to connect to the VPN server from inside my Intranet, I get through.

What could be the possible cause and remedy.
0
Comment
Question by:mitra_am
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Expert Comment

by:anupnellip
ID: 10782482
you need to forward TCP Port 1723 to your vpn server for this to work
0
 

Author Comment

by:mitra_am
ID: 10782679
How do I exactly do this ?

I have reserved the public IP address x.x.x.x for the internal IP address y.y.y.y

On the NAT router I have two cards, NIC named "Internet" connecting to Internet and "Intranet" connecting to my LAN.

Should I go to Routing and Remote Access in the NAT router and go to IP Routing -> Network Address Translation -> Properties of the interface "Internet" -> Special Ports ?

What should be the entries when I want to add a special port like:

1. "On this interface" or "On this address pool entry" - Which one to select ?
2. Incoming port and Outgoing port.
0
 
LVL 31

Accepted Solution

by:
Gareth Gudger earned 500 total points
ID: 10789084
"Should I go to Routing and Remote Access in the NAT router and go to IP Routing -> Network Address Translation -> Properties of the interface "Internet" -> Special Ports ?"

Yes, that is the right place. Specify the incoming port 1723 and forward it to the IP of the VPN server.
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses
Course of the Month8 days, 2 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question