Solved

HOW DO I VPN MY 2K SERVER FROM HOME behind mercury BR100 firewall

Posted on 2004-08-14
7
198 Views
Last Modified: 2010-04-14
System Setup

Dual 1ghz CPU
1 GB PC133 Ram
2X 20Gb Maxtor HD
1X 80Gb Drive with BTDATA shared folder

2X 10/100 Net cards Linksys i think

1X Mecury/Kobian BR100 broadband Router.

The problem i have been having is that i dont know how to port forward to my server so that i can log on as though i am working at the office from home..

This is something that i have not liked to admit but it really foxes me, so please be gentle and not too technical with the answers, i need talking through step by step..

Steve
0
Comment
Question by:snoopsterg
  • 4
  • 3
7 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 11801376
snoopsterg
It depends what kind of VPN you are using.
Bear in mind that PPTP will not cross a NAT router and L2TP will only work if your RRAS server is running Windows 2003 and configured for L2TP/IPSec and you have the following patch installed at home:
IPSec NAT-T update for XP: http://support.microsoft.com/?kbid=818043

If you are directly connected to the internet then either will work but you need the following ports open on your firewall and port forwarded to the RRAS server:

PPTP Inbound Requirement: Protocol 47, PPTP TCP 1723
L2TP Inbound Requirements: Protocol 50, IPSec NAT-T UDP 4500, IKE UDP 500

Cheers

JamesDS
0
 

Author Comment

by:snoopsterg
ID: 11802494
I shall be using RRAS in 2k Server connected directly to my BR100 which is a firewall/router..

I am running an identical Br100 at home but have never managed to succesfully open the ports and forward them to the RRas server

Steve
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 11804098
snoopsterg
In this case you will never get it working properly then.
You are almost certainly running NAT on your home LAN and neither PPTP, or L2TP on Windows 2000 RRAS will cross a NATting router.

You will need the Windows 2003 RRAS (and L2TP/IPSec with the NAT-T update on the client) or a third party VPN product that does pure IPSec

Cheers

JamesDS
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 

Author Comment

by:snoopsterg
ID: 11804143
do i have to have a 2003 server or can i install the 2003 rras over my 2k server, if this is a foolish question forgive me but i am new to rras and really need help

steve
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 150 total points
ID: 11804261
snoopsterg
You will need Windows 2003, there is no way to install the 2003 RRAS component onto a 2000 machine.

When you do install it, Use L2TP/IPSec with a preshare key, rather than a certificate, it is much easier to setup.


How to setup a VPN with Windows 2003 RRAS:
Configure VPN Access at server

Using the wizard:

Remote Access (dial-up or VPN)
VPN only
External WAN - disable security
Internal LAN
Automatic IP Address assignment
Use RRAS to authenticate


In Routing and Remote Access Server Properties
General: Enable the computer as a LAN Router only
General: Remote Access Server

IP: Enable IP Routing
IP: This server can assign addresses by using DHCP
IP: Enable broadcast name resolution (select internal NIC)

PPP: Check all

Logging: Log all Events only

Ports: Add 5 L2TP and/or PPtP inbound only, turn everything else off

IP Routing: only General and Static Routes, remove everything else

Remote Access Policies: Delete default policies, add new policy where tunnel type = L2TP or PPtP and access is granted

Client Settings:
Follow wizard for VPN connection
Install IPSec NAT-T update for XP: http://support.microsoft.com/?kbid=818043

I have this working here and I'm very pleased with the results


Cheers

JamesDS
0
 

Author Comment

by:snoopsterg
ID: 11805818
Thanks i shall give that a go, i wasnt planning on an upgrade to 2003 just yet but will give the trial version a go and see how that fares..

Cheers
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 11807241
snoopsterg
Welcome, glad to help

Cheers

JamesDS
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now