?
Solved

MN-700 Router and Incoming VPN - Windows XP Professional

Posted on 2004-04-25
3
Medium Priority
?
828 Views
Last Modified: 2007-12-19
Hi all,

Yep, yet another question on configuring an incoming VPN on windows XP.  I have spent all day on this and have finally drawn a total blank.  I have read so many postings in different places, that I am ready to yell!

Heres the scoop.....

I have a Microsoft MN-700 router, connected to a Motorola SB5100 Surfboard cable modem.  This is all connected to a broadband provide (insightbb.com).  There are 3 computers in the home, 1 desktop and two notebooks.  There are also 3 pocket pc's.  All works great.  Filesharing between all of them, printing, internet access on all of them. Everything is in a workgroup.  All items connect using wireless.  All is good.

I need to setup a vpn into the workgroup, so that when we are out and about, we can access into the machines at home.  I have created an incoming vpn connection in Wondows XP on the desktop machine, which is always on.

When I try to connect to the vpn from a remote network (eg at a workplace etc) I get the dreaded error 721.  When I try to connect to the vpn server internally within our network, I get error 619.

I have checked everyting again and again and read countless posts.  No ICF is configured on any of the machines.  The desktop uses Norton Firewall, which has been disabled since I started this project (incidentally, when turn it back on it the vpn server can't be reached at all, as I have no rules set up yet for that...so it doesn't even get as far as the verifying user name and password prompt.  Norton will remain disabled until I get this fixed...)  I have port 1723 mapped through to the ip of the desktop, setup via port forwarding on the MN-700 config utiility.  What I can't seem to sort out, and I think this may be the root of the problem, is whether or not the MN-700 router allows GRE 47 to pass through it.  I have read that other routers have a PPTP passthrough capability.  There is nothing in the MN-700 config utilities for that, and no mention of it in the manuals.  I have read all about the people opening up port 47, and have now learned that is not the same thing!

Can anyone offer any insights as to what the next step could be?  I am wondering whether its the router and a lack of support for GRE 47 passthrough, as I can't even set up a vpn internally within the network.  'coz everything is wireless, its presumably still going through the router to get to the desktop vpn server anyway.  Is it this that is stripping out/interfering with packets to stop communications back to the vpn clients so that the handshake cannot complete?  If it helps, I used Shields Up to check that port 1723 was open from the outside.  it reported that it was.  Also, when the vpn client tries to connect, I see "connecting to....then the ip address", very briefly "all devices connected" and then it goes to the verifying username and password"...and then returns either 619 0r 721 as listed above.

Any help greatly appreciated!

David
0
Comment
Question by:dnmartin98
1 Comment
 
LVL 11

Accepted Solution

by:
ewtaylor earned 375 total points
ID: 10963624
Ok make sure the firmware on the mn700 is up to date, then I would turn off stateful packet inspection just for troubleshooting purposes. Also make sure you have vpn passthrough enabled on this side and on the client side. Lastly make sure the 2 networks are addressed differently if you are connecting from a 192.168.0.x network to a 192.168.0.x network it can cause trouble.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes, you want your microsoft VPN to route all the traffic to the remote network. Usually your employer network. This makes it possible to access all the nodes inside this remote LAN, even if they have no "public DNS" entries. To do so, you wo…
Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

616 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question