[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 702
  • Last Modified:

VPN CONNECTION ESTABLISHED. BUT CANT VIEW NETWORK

I SETUP VPN THROUGH RAS ON A WINDOWS 2000 SERVER. I FORWARDED PORT 1723 ON MY ROUTER TO THE LOCAL IP OF THAT SERVER. BUT WHEN I TRY TO CONNECT VIA VPN, IT AUTHENTACTES ME, AND STATES THAT I AM CONNECTED , BUT I CANNOT VIEW ANYTHING ON MY NETWORK. I TRIED VIEWING MY SERVERS WITH LIKE A I DO IN MY OTHER OFFICE BY TYPING \\XX.XX.XX.XX (LOCAL IP) ON THE RUN BUTTON. AND ALSO TRIED USING REMOTE DESKTOP AND GET NOTHING. WHAT DID I FORGET?? PLEASE HELP A.S.A.P
0
andreb2005
Asked:
andreb2005
  • 5
  • 3
  • 2
  • +1
4 Solutions
 
lrmooreCommented:
>I FORWARDED PORT 1723 ON MY ROUTER
Please fix your caps lock key... All caps does not get the attention that you want.

You also need to forward GRE/protocol #47

PPTP traffic consists of a TCP connection for tunnel maintenance and GRE encapsulation for tunneled data. The TCP connection is NAT-translatable because the source TCP port numbers can be transparently translated. However, the GRE-encapsulated data is not NAT-translatable

Router can't do that? Get one that can.
What kind of router do you have?

Tweak registry on server
http://support.microsoft.com/default.aspx?scid=kb;en-us;271731
0
 
andreb2005Author Commented:
linksys befvp41
0
 
snerkelCommented:
If the IP address range on your network and the company network are the same then this would explain it.

Linksys is probably something like 192.168.1.x in this case if your company uses the same 192.168.1.x IP range then change your home network to 192.168.2.x

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
andreb2005Author Commented:
i just forwarded port 47 aand still nothing. when i check the status a lot more packets are being sent then received.
0
 
lrmooreCommented:
>i just forwarded port 47 aand still nothing
It is not "port" 47, it is Protocol #47 - GRE
Most soho routers have no way to forward that to an inside host.
Try putting the server IP in as the "dmz host"
0
 
rburns50Commented:
I don't know a lot about VPN and Microsoft (tend to go to real networking vendors for networking), but most VPN devices require you to configure what networks are advertised to you when you connect to them. This is for security reasons- you may not want VPN users to be able to access all of your internal networks. Also be sure that your VPN device is assigning your remote host an IP address in the local network- when you run "ipconfig -all" on your remote host after connecting, you should see more than one IP address assigned- one for the home connection, one for the VPN connection. Hopefully, as stated by snerkel above, they aren't in the same subnet- if so, change your home IP address subnet.
0
 
andreb2005Author Commented:
i just checked and they are in the same subnet. i also seen another problem. locally i gave the server 192.168.1.6 static ip.
but when i check the router dhcp table it has it under 192.168.1.102 . could that be a problem as well? i appreciate all you guys help
0
 
rburns50Commented:
The DHCP vs. static issue is not really the issue here, but one you need to look into (do a release on the router). Both addresses being on the same subnet is the real problem, as your remote host doesn't know that it needs to traverse the VPN connection to get to the servers you are trying to reach. As they are in it's own subnet, it doesn't go across the VPN but tries to resobve them on the remote end. You could put some static routes to the servers on your remote PC (forcing them across the VPN link) and make them persistent, but that's only if you absolutely cannot change your remote subnet. That is the easiest way to fix this, and proper way too.
0
 
snerkelCommented:
If the subnet is the same then change your home network to a different one, eg 192.168.2.x  or  192.168.69.x   etc etc


Best solution to a changing IP address is to use a fixed IP address for the VPN server.

These might help.

Assigning a static IP http://www.tech24.arce.co.uk/static.htm
0
 
snerkelCommented:
Oh and don't forget to delete the port forwarding of 47. Port forwarding is not the same as Protocol 47, most modern SOHO routers have this enabled by default and is not usually under user control, this will often be refered to by comments such as VPN pass-through, or PPTP pass-through in the product manual.
0
 
andreb2005Author Commented:
hey i checked ipconfig/all and the ppp adapter is giving the same address as the remote gateway. i tried to change it in my vpn settings to get though to the vpn but it wont let me. i think i have to change it directly on the server running ras ,right? if i remmeber correctly it asks you to specify an ip range to assign vpn clients and i left it at dhcp enable.
0
 
andreb2005Author Commented:
anyways thanks alot, i cannot do much more until i get back to the office tomorrow
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now