Problem connecting to Win2K VPN Server behind Win2K NAT

I have a Windows 2000 VPN server ... behind a Windows 2000 NAT server ... on the NAT server I have reserved one public IP for the private IP of the VPN server and allowed incoming sessions.  
From Internet I can reach the VPN server through telnet/web/ftp services, I can browse from the VPN server and initiate outbound VPN connections too. But when I try to initiate inbound connections from Internet to this VPN server, it fails saying that it has not found a valid certificate. But when I try to connect to the VPN server from inside my Intranet, I get through.

What could be the possible cause and remedy.
mitra_amAsked:
Who is Participating?
 
Gareth GudgerCommented:
"Should I go to Routing and Remote Access in the NAT router and go to IP Routing -> Network Address Translation -> Properties of the interface "Internet" -> Special Ports ?"

Yes, that is the right place. Specify the incoming port 1723 and forward it to the IP of the VPN server.
0
 
anupnellipCommented:
you need to forward TCP Port 1723 to your vpn server for this to work
0
 
mitra_amAuthor Commented:
How do I exactly do this ?

I have reserved the public IP address x.x.x.x for the internal IP address y.y.y.y

On the NAT router I have two cards, NIC named "Internet" connecting to Internet and "Intranet" connecting to my LAN.

Should I go to Routing and Remote Access in the NAT router and go to IP Routing -> Network Address Translation -> Properties of the interface "Internet" -> Special Ports ?

What should be the entries when I want to add a special port like:

1. "On this interface" or "On this address pool entry" - Which one to select ?
2. Incoming port and Outgoing port.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.