• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 316
  • Last Modified:

What port needs opened?

Here's my set up:

I have a Firewalled Cisco Router provided by my ISP.  (I do not manage this)
I have a Windows 2003 Domain server behind the firewall.
I need for my users to be able to access the domain server from outside the firewall.
I can have an external IP bound to the internal ip of the Domain Server through the router.
My ISP wants to know what port(s) they need to open to allow VPN access through.  I have no idea.  Is there a standard port?  Please help.
0
QueenKretee
Asked:
QueenKretee
  • 4
  • 4
1 Solution
 
Yan_westCommented:
You have a firewall behind your router? what is this firewall, a cisco pix?
0
 
lrmooreCommented:
If you want to use Terminal Services to access the server, you need TCP port 3389 only.
0
 
QueenKreteeAuthor Commented:
I want some of my users to be able to VPN into the domain server using Windows XP's VPN functionality.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
lrmooreCommented:
Then you need to open TCP 1723, and you need to have a 1-1 static NAT with GRE protocol along with that..
0
 
QueenKreteeAuthor Commented:
What? What? Huh?  Please elaborate on what you just stated lrmoore.  Here's a little more info on what I've done from information that I have gathered here on experts exchange on my own.  I have asked my ISP to do the following.  Bind the public ip 24.xxx.xxx.xxx to internal ip 192.168.1.44, which is my domain server.  I have asked the to open ports 500, 1723 and 3389, also Protocol 50 and Protocol 51.  Now, I can use Teminal Services to access my domain server from my home.  However, I still cannot vpn in.   The message box first states, "Connecting to 24.xxx.xxx.xxx".  Then "Verifying User Name and Password.  Following,  I am getting the error:

Error 721: The remote computer did not resond.

It is also possible that I have not set up my xp vpn client properly or my Remote Access setting on my domain server.  Please excuse my ignorance as my expertise is programming, not network administation.  

On the server end, my user id in the "Dial in settings" is set for to "Allow Access"
I have used the Windows 2003 Wizard to set up my RAS.  And the Windows XP wizard to set up my vpn.

Please assist.  Many thanks in advance.
Kristi

0
 
QueenKreteeAuthor Commented:
Oh, also what does this mean?  "you need to have a 1-1 static NAT with GRE protocol along with that.."
0
 
lrmooreCommented:
>Bind the public ip 24.xxx.xxx.xxx to internal ip 192.168.1.44, which is my domain server
This is a 1-to-1 static NAT so you're OK on that

>also Protocol 50 and Protocol 51.
You also need Protocol 47, GRE

Here's a guide on VPN w/2003

http://www.microsoft.com/windowsserver2003/technologies/networking/vpn/default.mspx

0
 
QueenKreteeAuthor Commented:
It worked.  Many, many thanks.
0
 
lrmooreCommented:
Yea!!

Glad to help..
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now