[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Windows2003 Server VPN not working after IP address change

Posted on 2006-03-21
11
Medium Priority
?
302 Views
Last Modified: 2007-02-12
I had a Windows2003 Server running VPN succesfully.  
The Windows2003 server is running AD,DHCP,DNS,WINS and RRA.
It was moved to a new network, from 192.168.1.x to 192.168.3.x
I deleted DCHP,DNS,WINS and RRA, changed the IP addresses on the two NICs and set the services back with the new IP addresses.  Everything else seems fine, can browse the internet, users' can log on internally, DCHP and DNS seem to be working fine.

VPN no longer works from outside. It doesnt' respond.

What should I look for?

Thanks!



 
0
Comment
Question by:markg003
  • 5
  • 5
10 Comments
 

Author Comment

by:markg003
ID: 16251624
Added note:  Nothing changed physically.  The internal IP address on the router changed from 192.168.1.1 to 192.168.3.1 and the IP addresses on the server NICS changed from 192.168.1.201 & 211 to 192.168.3.201 & 211

0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16251671
A couple of thoughts:
Has the router been reconfigured to redirect the appropriate ports (likely 1723, if using PPTP) to the new server IP?
Check with http://www.canyouseeme.org  that the port is open/visible and that the WAN IP you are trying to connect to is correct.

0
 

Author Comment

by:markg003
ID: 16251777
Thanks. I just tried that. It says that it can NOT see me on port 1723.
Yes the router (Lynksys) was changed from 192.168.1.1 to 192.168.3.1 and the DMZ and Port Forwarding (for 1723) automatically change the first 3 octets (192.168.3) .

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 78

Expert Comment

by:Rob Williams
ID: 16251886
Sounds like that part is configured correctly. I forgot to mention to test with www.canyouseeme.org you need to be connecting from the VPN server for the port to show as open, so that is likely all that is wrong there.
DHCP,DNS,WINS shouldn't affect the basic connection to the server with the VPN, so sounds like must be part of RRAS service, though you likely figured that out :-)
Was DHCP configured before you re-configured RRAS? If not it could have to do with the virtual IP assignment within RRAS.
Do you get a connection error # when trying to connect, or does it get that far?

If in doubt about the configuration have a look at the following to confirm the VPN configuration:
http://www.onecomputerguy.com/networking/w3k_vpn_server.htm

0
 

Author Comment

by:markg003
ID: 16251915
THANKS FOR YOUR HELP!

Yes, I think the www.canyouseeme.org is valid.  It showed me the NIC and IP address of the externallly conencted NIC properly.

Yes, I've uninstalled and re-installed RRAS a couple of times, so DNS,DHCP, etc were all done before RRAS.

0
 

Author Comment

by:markg003
ID: 16251951
I've tried RRAS with no packet filtering (letting everything in) and assigning the router DMZ straight to the server, so it's (temporarily) fully open to the internet, and I can remote desktop, but STILL can't VPN in.

RRAS functions from INSIDE, but not outside, but evertyhting else from outside seems to work.

Not much hair left :(

0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16252052
You say the VPN functions from inside but not outside? Is PPTP pass-through still enabled on the router?

Are there any error #'s when you try to connect from outside such as 678, 721, 800, etc. ?
0
 

Author Comment

by:markg003
ID: 16252178
SOLVED!

I deleted the Port Forwarding definition for 1723 on the rotuer and re-added it.

Now it works.

I KNOW it was correct, because I screen dumped and printed EVERY single DCHP, DNS, RRAS screen and Router setting, and went over each of the dozens of papers to make sure I had everything exactly the same.  Everything is on paper and everything is identical, except for the 192.168.3.x vs 192.168.1.x

I even rebooted the Linksys router to no avail.  But deleting the prot forwarding and re-addining it worked.

Darn, cheap routers >:(

Okay so I think it's solved!

I'm very NEW to this Experts-Exchange... just singed up this afternoon, and am VERY impressed with your help.  Since I'm new I have NO IDEA how this all works, who to thank, who to buy a beer, etc.     I'll check back on this htread later tonight and thank you properly, but right now have to run.

0
 
LVL 78

Accepted Solution

by:
Rob Williams earned 1500 total points
ID: 16252248
You would assume making a change that affects the web interface would write to the basic configuration but perhaps it doesn't. That is something you might want to advise Linksys about. Very interesting. That may explain a lot of problems over the years. Glad you were able to resolve.

As for the beer sounds good to me.
EE is a great site in that, unlike mosts sites, you seem to get a response very quickly, often from numerous members.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16592453
Thanks markg003,
--Rob
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
This program is used to assist in finding and resolving common problems with wireless connections.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question