TorgN
asked on
Forwarding PPTP through a DI-604 traffic to a Win XP pro vpn server
Has anyone tried it, and got it to work successfully? Note: talking about a DI-604 broadband-router.
How? How do you permit or enable ip 47 GRE on this broadband router?
Any other comments you think is relevant?
How? How do you permit or enable ip 47 GRE on this broadband router?
Any other comments you think is relevant?
ASKER
Done that. But it has not solved the problem
Ok, and on that page
http://support.dlink.com/emulators/di604/adv_virtual.html
you also configured at what internal address is your PPTP-Server ?
http://support.dlink.com/emulators/di604/adv_virtual.html
you also configured at what internal address is your PPTP-Server ?
ASKER
Yes
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
1. Yes, I can connect from the inside
2. Yes
3 Yes (all though there`s no text in the windows, just the cursor blinking
2. Yes
3 Yes (all though there`s no text in the windows, just the cursor blinking
well then it should work....
hmm.... even though I did not have to do this in my setup, you may try to open "port 47/both"...
hmm.... even though I did not have to do this in my setup, you may try to open "port 47/both"...
ASKER
47......Hmm...it isn`t protocoll nr 47 (GRE) you are thinking of? If so I do not think Protocoll number and Port number is not the same. So what good would opening port 47 do?
When thinking of it, could it just be that the negotiation of authentication type fails? Which authentication types should be activated? And how do I enable the different ? PAP, SPAP, MD5CHAP, MSCHAP, MSCHAPV2, EAP from the serverside (and client)?
When thinking of it, could it just be that the negotiation of authentication type fails? Which authentication types should be activated? And how do I enable the different ? PAP, SPAP, MD5CHAP, MSCHAP, MSCHAPV2, EAP from the serverside (and client)?
Yeah I know it's protocol 47, not port 47, but I once had a firewall (dont remember it's brand though) where is the protocol was unknown (anything else that tcp, udp or ICMP) you could actually open up protocols by opening up apropriate ports.
However found something else.... it looks like XP since a certain patchlevel uses IP-Sec also for PPTP.. so can you try opening up IPSEC (port 500/both)
However found something else.... it looks like XP since a certain patchlevel uses IP-Sec also for PPTP.. so can you try opening up IPSEC (port 500/both)
ASKER
For some reason it seems as if I can connect to the server(So neteducation will get the points, but first: ..). However now the client receive error message 733: TCP/IP CP reported error 733: Your computer and the remote computer could not agree on PPP control protocols. As far as I know I have enabled the following protocols: PAP, SPAP, MD5CHAP, MSCHAP, MSCHAPV2, EAP by using the command; netsh ras>add authtype type = 'authtype' therefore I find it strange that the client receives this errormessage. The client uses a win xp home edition. One or more of these authentication types should be enabled by default? Any thoughts about this?
as a matter of form, here`s the settings in the DI-604
MTU size = 1492
Virtual server list
-------------------------- ---------- --------
IPSec 192.168.0.153 UDP 500 / 500 always
PPTP 192.168.0.153 TCP 1723 / 1723 always
GRE Protocol 192.168.0.153 Both 47 / 47 always
Firewall rules list (Some or all of these rules are probably unnecessary, but nevertheless...)
-------------------------- ---------- ---------- ----------
Allow IPSec NAT Traversal WAN,* LAN,192.168.0.153 UDP,4500
Allow L2TP WAN,* LAN,192.168.0.153 UDP,1701
Allow PPTP WAN,* LAN,192.168.0.153 TCP,1723
Allow IPSec WAN,* LAN,192.168.0.153 UDP,500
as a matter of form, here`s the settings in the DI-604
MTU size = 1492
Virtual server list
--------------------------
IPSec 192.168.0.153 UDP 500 / 500 always
PPTP 192.168.0.153 TCP 1723 / 1723 always
GRE Protocol 192.168.0.153 Both 47 / 47 always
Firewall rules list (Some or all of these rules are probably unnecessary, but nevertheless...)
--------------------------
Allow IPSec NAT Traversal WAN,* LAN,192.168.0.153 UDP,4500
Allow L2TP WAN,* LAN,192.168.0.153 UDP,1701
Allow PPTP WAN,* LAN,192.168.0.153 TCP,1723
Allow IPSec WAN,* LAN,192.168.0.153 UDP,500
The 733 error message could have something to do with the IP's you assign...
Check out the following document. there is a nice sample
Check out the following document. there is a nice sample
ASKER
What document ?
ASKER
Ok, thank you for your help.
See here :
http://support.dlink.com/emulators/di604/tools_misc.html