Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 637
  • Last Modified:

VPN PORT FORWARDING?

Hi
I have VPN Server at home on windows 2000 Professional and i can connect to it without a problem. I have no router at home so i dont do any port forwarding.

now in office I have a NetGear Firewall/Router and i am trying to do port forwarding on 1723 (TCP/UDP) on the Computer which has Vpn Server but somehow i can not connect to it from home.

I dont know much about  networking, so i dont know much what to do which port to look into,
when i do...

telnet IPADDRESS 1723

it does not connect as well.

Please help.
0
khansoul
Asked:
khansoul
  • 7
  • 5
  • 3
  • +2
1 Solution
 
pentiumDBCommented:
do you use any kind of firewall ? (exept netgear)
Did you configure VPN correctly?
0
 
pentiumDBCommented:
First make a check localy
From the lan that the VPN server is , make a VPN connection to the server
0
 
pentiumDBCommented:
or try telnet IPADDRESS 1723   (LOCALY)
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
Saqib KhanSenior DeveloperCommented:
here is what i am doing right now.


on Windows 2000 PRO PC i Created a new connection to "Accept incoming Connection" (192.168.0.111)

I went to my Router(Netgear)
Did the Port forwarding on port 1723 to my ip 192.168.0.111
Then I did the Telnet

Telnet 68.xx.xx.xx 1723

Connection Failed.

i dont have any other firewall only netgear.
0
 
Saqib KhanSenior DeveloperCommented:
co-worker with khansoul...
0
 
khansoulAuthor Commented:
Thats Correct. what should we look into, at my home computer i am doing the same thing and it works, only difference is there is no router at home and here i have one.

Thanks
0
 
khansoulAuthor Commented:
> telnet IPADDRESS 1723   (LOCALY)

Works.

but with LIVE ip does not work.
0
 
ezjurgenCommented:
ISP Port restrictions

A lot of ISP's block some ports, depending on you Internet access type. Mine used to block anything under 1024, some block any known port unless you pay

Do both connections have the same type?

Scan your ports and see whats alive

www.schieldsup.com
0
 
khansoulAuthor Commented:
no Port is not Blocked, I have the Same ISP at home plus we have Business static IP/Line.

I think i know what the Problem is, VPN requires GRE protocal to forward on 47 as well. and my router does not suport it. is there any way to go around this issue?

Thanks
0
 
pentiumDBCommented:
try telnet <localip> 1723 and tell me the result
Does your router support VPN passthrough?
0
 
pentiumDBCommented:
try telnet <localip> 1723 and tell me the result --> localy


Did you try to create PPTP connection localy ?
From an XP PC try to connect to the Server lvia VPN but local (form the same subnet) just to test that the VPN on the server is ok
If is okey i will tell you to check something else
0
 
khansoulAuthor Commented:
Yes, I mention already. Localy it works Fine within the same subnet no problem. with my Public IP it does not work.

i dont know how to enable VPN passthrough or what so ever, sorry.
0
 
khansoulAuthor Commented:
I have a Netgear FVS318 Router/Firewall
0
 
DaVinci007Commented:
As per ftp://downloads.netgear.com/files/fvs318v3_manual.pdf your Netgear Router/Firewall has INTERNAL vpn server.  My suggestion is to configure clients to connect via the router instead of to the internal Win2k Pro as I did not see in the manual how to disable the internal VPN server in your firewall.

So you have 2 easy choices:

1- Configure clients to connect to Netgear VPN (see detailed procedures on page 57 of manual)
2- Buy an non-VPN Router/Firewall and forward port 1723 to internal server (I know Linksys routers have an easy checkbox to enable that)

Regards.
0
 
khansoulAuthor Commented:
> Buy an non-VPN Router/Firewall and forward port 1723 to internal server (
why would it work with a non-VPN Router, You think a Non VPN router supports GRE protocal?
0
 
DaVinci007Commented:
GRE protocol is used by the VPN server, if your router/firewall does not have an integrated VPN server and simply forwards port 1723 (Microsoft PPTP) to your internal VPN server (Win2k), it is your Win2k Pro which will take care of the GRE protocol.

Most low-cost routers will simply redirect all traffic from port 1723 acquired from the internet to port 1723 of your internal server without doing any application-level inspection.
0
 
khansoulAuthor Commented:
it would be helpful if you post a link of low cost router that will work in my case(for port forwarding)

Thanks
0
 
DaVinci007Commented:
I personnaly own a Linksys WRT54G (http://www.linksys.com/products/product.asp?grid=33&scid=35&prid=601) and can confirm the setup works for having succesfully tested it.  However this model is wireless enabled which you might not require.  If wireless networking is not wanted I would suggest Linksys BEFSR41 (http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=561) you can check for confirmation on page 30 of the user manual (ftp://ftp.linksys.com/pdf/befsr41V3_ug.pdf) that this model also has PPTP redirection available.

Hope it helps ;)
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

  • 7
  • 5
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now