• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 400
  • Last Modified:

Windows 2000 PPTP vpn tunnels cant connect to 2003 RRAS Server

HI

I am having a problem where i cant get Windows 2000 Server machines to connect to a 2003 RRAS server (not using IAS) using PPTP.Windows 2003 server connect everytime to this server. I keep getting either connection closed or server not responding.

At the end of the day what i want to do is have RRAS on the "remote" servers using a demand dail PPTP connection to the main 2003 server. (this does work on remote 2003 servers)

Any help will be greatly appreciated.
0
wanstor
Asked:
wanstor
  • 3
  • 2
  • 2
1 Solution
 
mikeleebrlaCommented:
can you elaberate a little more about your setup..... are the 2000 servers that can't connect in the same site as the 2003 servers that can connect?
0
 
EricIT ManagerCommented:
Not near enough info.
Make sure your gateways/firewalls both have PPTP Passthrough enabled.
0
 
wanstorAuthor Commented:
No they are at different sites and have different isp's for their broadband connections.
But i can telnet to the pptp port (1723) from all the locations, also it seems to make a connection and hangs on verifying the username and password.
I havent tried this locally on the site that hosts the 2003 server because at the moment i dont have a 2000 box available to me there.

so basically on central site hosting the 2003 RRas server, and many remote sites hosting a varity of 2003 and 2000 servers.

0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
EricIT ManagerCommented:
Sounds like a firewall issue
0
 
mikeleebrlaCommented:
i agree with esszone that it does appear to be a firewall issue.  The fact that they are in different locations and have different ISPs is much more of a factor than the differences in the OSs.  

Remember that in order for PPTP VPNs to work you have to open TWO holes in your firewall:

1.  TCP port 1723 that you noted above.
2.  the GRE protocol has to be allowed through as well.  This is sometimes called protocol 47, but do not confuse this with TCP port 47.  Opening port 47 will do nothing for you.  you have to allow the GRE protocol through.  How you do this depends on your router/firewall.

0
 
EricIT ManagerCommented:
I was not sure of the ports.. maybe you will be lucky like I and have a "allow PPTP passthrough"  
Thats as quick of a fix as you can get.  Otherwise follow the port assignments above..  I'm sure he is right.

0
 
wanstorAuthor Commented:
The problem was that all the sites had pix firewalls, had to enable PPTP passthrough and the fixup protocol PPTP port  1723

Thanks
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now