VPN on SBS2003 standard with Netgear ADSL router

We have a
1) SBS 2003 network with MS Exchange.
2) Netgear DG843 ADSL router with latest software, port 3389 incoming is opened
3) RAS enabled
4) Used NO-IP.com to compensate for the dynamic IP address
5) I can ping the server on it No-ip host name

We try to use set up VPN and Remote Desktop to this server, but get these messages

Remote Desktop:
The client could not connect to the remote computer. Remote connection might not be enabled or the computer might be too busy to accept incoming connections...

Error 800: Unable to establish the VPN connection. The VPN server may be unreachable, or security paramaters may not be configured properly

Any ideas will be helpful


Ben KeyserOwner/EntrepreneurAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You may be on the wrong tack.

Port 3389 is for Terminal Services (or Remote Desktop).

Opening port 3389 will allow an external user to TS into the server - withOUT using  a VPN at all.

If you want to use VPN then

1) CLOSE port 3389 on the firewall.

then either

2) OPEN the ports on the firewall needed to allow the VPN tunnel traffic in to the server.
or, preferrably
3) Set up VPN hosting on the firewall itself. If the router isn't capable of doing that, consider replacing it with one that is.

Once the VPN is established you should be able to open any other service through the tunnel - this will NOT require the opening of any additioanl ports on the firewall. That's the whole point of VPN.

Ben KeyserOwner/EntrepreneurAuthor Commented:

I opened port 3389 (on the router) for TS, but can't get in with remote desktop either.

I have opened the VPN ports on the router.

Is there any where else where ports can be blocked on the SBS2003 server?

VPN Hosting on the router/firewall - will look at that.

Thank you
You may have opened them on the router, but did you port forward them?  If you didn't forward your ports to your VPN server, you may not be able to establish a connection even if the firewall isn't technically blocking them.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

Ben KeyserOwner/EntrepreneurAuthor Commented:
Yes, I did forward them
Ben KeyserOwner/EntrepreneurAuthor Commented:
Can NO-IP cause the problem, or for that matter, the dynamic IP address? Can't see how it can, as I connect to the host name, not the IP address?
Ben KeyserOwner/EntrepreneurAuthor Commented:
I forwarded to the wrong ip address - as they say, assumption is the mother of all, well, muck-ups.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.