Windows2003 Server VPN not working after IP address change

I had a Windows2003 Server running VPN succesfully.  
The Windows2003 server is running AD,DHCP,DNS,WINS and RRA.
It was moved to a new network, from 192.168.1.x to 192.168.3.x
I deleted DCHP,DNS,WINS and RRA, changed the IP addresses on the two NICs and set the services back with the new IP addresses.  Everything else seems fine, can browse the internet, users' can log on internally, DCHP and DNS seem to be working fine.

VPN no longer works from outside. It doesnt' respond.

What should I look for?

Thanks!



 
markg003Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

markg003Author Commented:
Added note:  Nothing changed physically.  The internal IP address on the router changed from 192.168.1.1 to 192.168.3.1 and the IP addresses on the server NICS changed from 192.168.1.201 & 211 to 192.168.3.201 & 211

0
Rob WilliamsCommented:
A couple of thoughts:
Has the router been reconfigured to redirect the appropriate ports (likely 1723, if using PPTP) to the new server IP?
Check with http://www.canyouseeme.org  that the port is open/visible and that the WAN IP you are trying to connect to is correct.

0
markg003Author Commented:
Thanks. I just tried that. It says that it can NOT see me on port 1723.
Yes the router (Lynksys) was changed from 192.168.1.1 to 192.168.3.1 and the DMZ and Port Forwarding (for 1723) automatically change the first 3 octets (192.168.3) .

0
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

Rob WilliamsCommented:
Sounds like that part is configured correctly. I forgot to mention to test with www.canyouseeme.org you need to be connecting from the VPN server for the port to show as open, so that is likely all that is wrong there.
DHCP,DNS,WINS shouldn't affect the basic connection to the server with the VPN, so sounds like must be part of RRAS service, though you likely figured that out :-)
Was DHCP configured before you re-configured RRAS? If not it could have to do with the virtual IP assignment within RRAS.
Do you get a connection error # when trying to connect, or does it get that far?

If in doubt about the configuration have a look at the following to confirm the VPN configuration:
http://www.onecomputerguy.com/networking/w3k_vpn_server.htm

0
markg003Author Commented:
THANKS FOR YOUR HELP!

Yes, I think the www.canyouseeme.org is valid.  It showed me the NIC and IP address of the externallly conencted NIC properly.

Yes, I've uninstalled and re-installed RRAS a couple of times, so DNS,DHCP, etc were all done before RRAS.

0
markg003Author Commented:
I've tried RRAS with no packet filtering (letting everything in) and assigning the router DMZ straight to the server, so it's (temporarily) fully open to the internet, and I can remote desktop, but STILL can't VPN in.

RRAS functions from INSIDE, but not outside, but evertyhting else from outside seems to work.

Not much hair left :(

0
Rob WilliamsCommented:
You say the VPN functions from inside but not outside? Is PPTP pass-through still enabled on the router?

Are there any error #'s when you try to connect from outside such as 678, 721, 800, etc. ?
0
markg003Author Commented:
SOLVED!

I deleted the Port Forwarding definition for 1723 on the rotuer and re-added it.

Now it works.

I KNOW it was correct, because I screen dumped and printed EVERY single DCHP, DNS, RRAS screen and Router setting, and went over each of the dozens of papers to make sure I had everything exactly the same.  Everything is on paper and everything is identical, except for the 192.168.3.x vs 192.168.1.x

I even rebooted the Linksys router to no avail.  But deleting the prot forwarding and re-addining it worked.

Darn, cheap routers >:(

Okay so I think it's solved!

I'm very NEW to this Experts-Exchange... just singed up this afternoon, and am VERY impressed with your help.  Since I'm new I have NO IDEA how this all works, who to thank, who to buy a beer, etc.     I'll check back on this htread later tonight and thank you properly, but right now have to run.

0
Rob WilliamsCommented:
You would assume making a change that affects the web interface would write to the basic configuration but perhaps it doesn't. That is something you might want to advise Linksys about. Very interesting. That may explain a lot of problems over the years. Glad you were able to resolve.

As for the beer sounds good to me.
EE is a great site in that, unlike mosts sites, you seem to get a response very quickly, often from numerous members.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rob WilliamsCommented:
Thanks markg003,
--Rob
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.