Solved

Cannot connect to SBS 2003 VPN

Posted on 2004-09-28
12
353 Views
Last Modified: 2012-06-21
I have configured my Small Business Server 2003 server for VPN access.  I can
connect to the Remote Web Workplace, and download the Connection Manager.

When I try to use the SBS connection to connect from my home XP Pro computer to
the server , I get this error:

Error 721.  The remote computer did not respond.

I am using a Linksys BEFVP41 router on the server and have ports 1723 and 47
forwarded to the server, TCP and UDP.  I can look at the incoming log on the
router, and see the requests from my home IP, destination port 1723.  I do not
see any outgoing responses from my server to my home IP address.

I am running ZoneAlarm at home, but shutting it down seems to have no effect.

I am an adminstrator for the domain, and can connect with Remote Desktop fine.
I have permissions to connect (as far as I can tell!).  There are no error
messages logged in the event logs that I have found.

What are my next steps to troubleshoot / resolve this issue?  
0
Comment
Question by:localmagic
  • 6
  • 4
12 Comments
 
LVL 5

Expert Comment

by:Dragonmen
Comment Utility
If you have any firewall on the server try to shut it down (especially integrated windows firewall).
Try to install some packet-analyzer (like commview) to see if you are getting any request on the server. If you are not getting request that means that packet is never reached that server. Try to check on the router where packer is going and on what port.
0
 
LVL 3

Expert Comment

by:ccceqo2
Comment Utility
Figure out if it is the router or the server blocking access.
Go in to your router and put the server as the "DeMilitarizedZone" DMZ
This will make sure the router is not blocking anything traveling to the server.
Now test and if you can connect, the problem lies with the router.
If you still can't connect the problem lies with the server (and possibly the router too!).
0
 
LVL 3

Expert Comment

by:ccceqo2
Comment Utility
0
 

Author Comment

by:localmagic
Comment Utility
Thanks for the ideas.  I will experiment some and get back with the results.
0
 

Author Comment

by:localmagic
Comment Utility
I tested this morning with the server in the DMZ zone.  Got the same 721 error.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 3

Accepted Solution

by:
ccceqo2 earned 500 total points
Comment Utility
Make double sure that you are using the latest firmware on the linksys.
0
 

Author Comment

by:localmagic
Comment Utility
This router is running their latest, which is 1.41.1, Sep 2003.
0
 
LVL 3

Expert Comment

by:ccceqo2
Comment Utility
Hi, hope you are still watching this thread.
I just finished working on a VPN connection that started working after I installed all the windows XP service packs and updates. Might be another thing worth checking.
0
 

Author Comment

by:localmagic
Comment Utility
We are current on the updates as far as I know.  MS really needs a 'windows update' version for servers that links to all the updates for the various components (Exchange, SQL, etc.).

Anway, on the VPN connection, I opened an incident with Microsoft last week.  The server side seems to function ok (I can connect to it internally via VPN).  

We currently suspect the Linksys Router.  I worked with their tech support, but beyond reflashing it, they ran out of ideas.  I have to go onsite to reflash it and/or replace it.  I plan to post updates when I know more.
0
 

Author Comment

by:localmagic
Comment Utility
Today I reflashed the Linksys Router, and the symptoms remained the same (port 1723 traffic flows, but not GRE Protocol 47).

I temporarily replace the current Linksys (WRT54GS) with our previous router (BEFVP41) and got the same results.

As a further test, I replaced the server with my laptop, and ran a Port 1723 / GRE test back to the client machine.  It ran fine, which indicates to me that the local ISP (Road Runner) is not doing the filtering.

Since the server works to local clients, and since the RR to client connection works, I can only conclude that the Linksys Routers are not passing the protocol properly.

I contacted Linksys Technical Support again, and after another hour, and getting ugly, they finally 'discovered' a new firmware release, version 3.17.4, released last Tuesday!  I am going to install the update and test by this coming Tuesday.
0
 

Author Comment

by:localmagic
Comment Utility
I installed the firmare update for the router (3.17.4), and can now successfully connect to the SBS server.

Interestingly, this update was created the day that I first called Linksys and reported the problem.  It is clearly a requirement for VPN.

I can view the shares of the the server machine by IP address now, but not other machines on the network.  Is this a configuration problem or a VPN fact of life?  I  thought I could specify other machine address on the remote network (e.g., \\192.168.20.xxx) and browse them like I do the server (\\192.168.20.3).  They use a different subnet from my home machine (192.168.1.xxx).


0

Featured Post

NetScaler Deployment Guides and Resources

Citrix NetScaler is certified to support many of the most commonly deployed enterprise applications. Deployment guides provide in-depth recommendations on configuring NetScaler to meet specific application requirements.

Join & Write a Comment

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now