Need help with DI-604 and VPN setup

Posted on 2006-03-20
Last Modified: 2012-06-27

I'm trying to setup a VPN connection through our D-Link DI-604 firewall/router to our windows 2003 server. I've fumbled my way through to being able to setup a VPN connection directly (i.e. from within our 192.168.x.x network), but when I try to connect to our external IP address I get Error 721: The remote computer did not respond.

I assume then that the server is set up okay to allow VPN connections.

This makes me then suspect either the setup or the functionality of the D-Link.  There's not much to the setup - I have enabled VPN pass-through for both IPSec and PPTP, and I have set up and enabled port forwarding (IPSec: port 500 for both UDP and TCP, PPTP: port 1723 for TCP). The Firewall screen of the web-based interface says that PPTP_GRE is allowed where WAN is the source and the VPN server is the destination (shouldn't this be two-way?)  

As for functionality, the D-Link has not given me any other problems outside of the VPN issue, however, after reading a large number of user reviews, it would seem that a number of others have had the same or similar experience. It's an inexpensive piece of hardware that I am not opposed to upgrading - I just want to make sure first that the problem is with it, and not me!

So, I'm a little unsure if the problem is with the setup, or with the hardware.  I'm not very well-versed in these sorts of networking issues and was hoping that the whole thing would be a lot easier. I have seen a lot of general info on setting up VPN - does anyone out there have experience setting up specifically the DI-604 to allow VPN connections?


Question by:firebird-sc
    LVL 77

    Expert Comment

    by:Rob Williams
    firebird-sc, I don't have much to add, sounds like you have it set up correctly though I haven't worked specifically with the D-Link VPN's. A couple of notes; assuming you are using the basic Windows VPN PPTP client you only need port 1723 forwarded and PPTP pass through enabled. If you are using L2TP with IPSec, probably not, you need UDP ports 500 and 1701, and also 4500 if you need NAT-T, as well you have to enable L2TP and IPSec pass-through.

    as for comment "(shouldn't this be two-way?) " that configures the incoming traffic, all outgoing traffic is allowed by default.

    On e test you might want to try if the forwarding is configured properly is to forward a simpler service such as remote desktop on port 3389. If that woks it might help to determine your problem is more with the VPN.

    One possible problem could be the remote and local networks should be different. If the office is using 192.168.0.x then the remote/client network should use something different such as 192.168.2.x This is an important rule with VPN's but with the Windows VPN it often works without doing so as it creates a virtual adapter for the connection. Still it wouldn't hurt to verify.

    LVL 2

    Author Comment

    Hi RobWill,

    Thanks for the comment.  I did some more work on the firewall after posting the question, then went home last night and was able to connect to the server for the first time with VPN.  I don't know what I did differently compared with the first time I tried to set this up, but now it works and I'm not complaining!  If it's okay with you, I'm going to ask to delete the question and have the points refunded.

    LVL 77

    Expert Comment

    by:Rob Williams
    firebird-sc, glad you were able to resolve.
    I have no problem with deleting the question and refunding points.
    Good luck,

    Accepted Solution

    Closed, 125 points refunded.
    The Experts Exchange
    Community Support Moderator of all Ages

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
    We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now