rj2
asked on
VPN question - how to setup when behind router with NAT
Hello!
I want to setup a Windows 2003 server as VPN server.
The server is behind a router that runs NAT.
Are any special configuration needed on the server for this to work?
(like under the IP routing on th RRAS MMC - general/static routes, DHP relay, IGMP, NAT/basic firewall).
What should the settings for these be?
I want to setup a Windows 2003 server as VPN server.
The server is behind a router that runs NAT.
Are any special configuration needed on the server for this to work?
(like under the IP routing on th RRAS MMC - general/static routes, DHP relay, IGMP, NAT/basic firewall).
What should the settings for these be?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Or, actually I used the "manage your server" program when setting up the VPN. I had to add another NIC to be able to do that.
Could you elobarate somewhat what you mean when you say "Setup your RRAS using the custom configuration, (for 1 NIC). "?
Should I remove the second NIC?
Could you elobarate somewhat what you mean when you say "Setup your RRAS using the custom configuration, (for 1 NIC). "?
Should I remove the second NIC?
Here is what I would do. Lets uncomplicate things. Take RRAS back to the beginning and remove the second NIC. Open RRAS and click or right click, (I forget) to set it up. When the wizard runs, select a Custom Configuration. There you will select VPN server. Then follow through the prompts. This will allow you to run 1 Nic on your VPN server. See how this works.
ASKER
The problem was on the router.
Glad to help! Good Luck!
ASKER
If I connect directly to internal IP it works ok.
But if I try external IP it gets connected but then hangs with message "verifring username/password", and then times out with error message "error 721: remote computer did not respond".
The router is administered by our ISP. They say they have done it "by the book" according to http://cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a00800949c0.shtml
If I run command "netstat" on the server when I try to connect I see a PPTP connection from my IP.
So I'm not sure what to do now, something is wrong either on the VPN server or the router, but how can I find out where?
If the ISP have not setup GRE correctly on the router, could this give such symptoms? How can I verify if GRE is setup correctly on the router when I don't have telnet access to it?
The ISP also tried to let all IP traffic get through to the VPN server, but same results.