Solved

VPN support from a LinkSYS BEFWS11 S4 v.2 Router

Posted on 2004-04-20
2
552 Views
Last Modified: 2013-11-29
I can create a VPN connection within my network behind the firewall. I have a W2K Active Directory Domain employing a single internal RRAS server (also W2K). The internet gateway is the LinkSYS router mentioned above. I am trying to see if I can access my network via a VPN connection outside of my internal network. I know that the LinkSYS router is probably not designed for this but I have been able to use it's port forwarding options to gain access with pcANYWHERE and Windows Terminal Services.

From the information I have, I know that PPTP employs port 1723 via TCP and L2TP uses port 1701 over UDP. I have forwarded those port calls to my internal RRAS server so that when I call upon the public IP address of my router with a VPN session, the call should go to the RRAS server and authenticate. I also have the PPTP and IPSec pass through options enabled. However, this fails and I don't find anything in the event logs for a clue.

I am mainly doing this to finish my MCSE so this is not something I would not recommend in practice, but I would like to see if it could make it work as I have described. If the LinkSYS Router will not allow this then I would like to know now instead of wasting any more time.

Thanks for any replys.
0
Comment
Question by:habanagold
2 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 10868163
There is a small sentence in the user guide that says that if you're using port-forwarding, you must disable DHCP server. Not sure why.
Also, PPTP uses not just 1723, but protocol #47 (GRE) to establish the tunnel. GRE has no concept of ports, so about your only option is to put the server's ip in as the DMZ host.
0
 
LVL 1

Author Comment

by:habanagold
ID: 10869644
Setting up the W2K Router as the DMZ host in the LinkSYS worked. I am able to connect remotely without a problem. In fact, I went to my neighborhood Panera Bread which has WI-FI and this is where I am now testing this.

The only thing I have noticed that does not work is access to a DFS share. I can connect to any server share or map a drive, but I can not access the DFS share. Any ideas on resolving this? Also, can you shed any light on the security risks of leaving the W2K router in the DMZ? I am sure there are some.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now