Solved

MN-700 Router and Incoming VPN - Windows XP Professional

Posted on 2004-04-25
3
814 Views
Last Modified: 2007-12-19
Hi all,

Yep, yet another question on configuring an incoming VPN on windows XP.  I have spent all day on this and have finally drawn a total blank.  I have read so many postings in different places, that I am ready to yell!

Heres the scoop.....

I have a Microsoft MN-700 router, connected to a Motorola SB5100 Surfboard cable modem.  This is all connected to a broadband provide (insightbb.com).  There are 3 computers in the home, 1 desktop and two notebooks.  There are also 3 pocket pc's.  All works great.  Filesharing between all of them, printing, internet access on all of them. Everything is in a workgroup.  All items connect using wireless.  All is good.

I need to setup a vpn into the workgroup, so that when we are out and about, we can access into the machines at home.  I have created an incoming vpn connection in Wondows XP on the desktop machine, which is always on.

When I try to connect to the vpn from a remote network (eg at a workplace etc) I get the dreaded error 721.  When I try to connect to the vpn server internally within our network, I get error 619.

I have checked everyting again and again and read countless posts.  No ICF is configured on any of the machines.  The desktop uses Norton Firewall, which has been disabled since I started this project (incidentally, when turn it back on it the vpn server can't be reached at all, as I have no rules set up yet for that...so it doesn't even get as far as the verifying user name and password prompt.  Norton will remain disabled until I get this fixed...)  I have port 1723 mapped through to the ip of the desktop, setup via port forwarding on the MN-700 config utiility.  What I can't seem to sort out, and I think this may be the root of the problem, is whether or not the MN-700 router allows GRE 47 to pass through it.  I have read that other routers have a PPTP passthrough capability.  There is nothing in the MN-700 config utilities for that, and no mention of it in the manuals.  I have read all about the people opening up port 47, and have now learned that is not the same thing!

Can anyone offer any insights as to what the next step could be?  I am wondering whether its the router and a lack of support for GRE 47 passthrough, as I can't even set up a vpn internally within the network.  'coz everything is wireless, its presumably still going through the router to get to the desktop vpn server anyway.  Is it this that is stripping out/interfering with packets to stop communications back to the vpn clients so that the handshake cannot complete?  If it helps, I used Shields Up to check that port 1723 was open from the outside.  it reported that it was.  Also, when the vpn client tries to connect, I see "connecting to....then the ip address", very briefly "all devices connected" and then it goes to the verifying username and password"...and then returns either 619 0r 721 as listed above.

Any help greatly appreciated!

David
0
Comment
Question by:dnmartin98
3 Comments
 
LVL 11

Accepted Solution

by:
ewtaylor earned 125 total points
ID: 10963624
Ok make sure the firmware on the mn700 is up to date, then I would turn off stateful packet inspection just for troubleshooting purposes. Also make sure you have vpn passthrough enabled on this side and on the client side. Lastly make sure the 2 networks are addressed differently if you are connecting from a 192.168.0.x network to a 192.168.0.x network it can cause trouble.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now