rpraveen
asked on
VPN Access from the internet not working.
Hello,
I have a Sonicwall SOHO3 firewall, which on one side is connected to the Internet and on the other side to my LAN directly. On the LAn I have a Windows 2000 Server Domain COntroller running MS Exchange 2000, ISA 2000 and VPN Server.
I have configured the NAT on the firewall to access the Windows 2000 Server machine. The ports that are open to reach this server are 80,25, 1723, 500.
IP Address within my office is 172.31.8.xx . The Rules on the firewall are to allow the above metioned ports for the local IP of the server (172.31.8.xx)
I am able to connect a VPN connection successfully from within the LAN to this VPN Server. However, I am unable to do the same from the Internet.
Are there any other ports that need to be open for this to work successfully.
I tried the following on the Windows 2000 Server itself :
1. telnet localhost 25 --> Worked
2. telnet localhost 1723 --> Worked
3. telnet localhost 500 --> Did Not work.
Many Thanks,
Praveen.
I have a Sonicwall SOHO3 firewall, which on one side is connected to the Internet and on the other side to my LAN directly. On the LAn I have a Windows 2000 Server Domain COntroller running MS Exchange 2000, ISA 2000 and VPN Server.
I have configured the NAT on the firewall to access the Windows 2000 Server machine. The ports that are open to reach this server are 80,25, 1723, 500.
IP Address within my office is 172.31.8.xx . The Rules on the firewall are to allow the above metioned ports for the local IP of the server (172.31.8.xx)
I am able to connect a VPN connection successfully from within the LAN to this VPN Server. However, I am unable to do the same from the Internet.
Are there any other ports that need to be open for this to work successfully.
I tried the following on the Windows 2000 Server itself :
1. telnet localhost 25 --> Worked
2. telnet localhost 1723 --> Worked
3. telnet localhost 500 --> Did Not work.
Many Thanks,
Praveen.
ASKER
Hi Jay,
Thank you very much. It worked. But I am unable to access resources on the other machines on the LAN while connected using VPN via the internet. HOw can I achieve this, please.
Thanks
Praveen.
Thank you very much. It worked. But I am unable to access resources on the other machines on the LAN while connected using VPN via the internet. HOw can I achieve this, please.
Thanks
Praveen.
hmm do you get given an IP address that matches the other machines when you connect via VPN?
are you able to ping other machines and if you run \\computername what happens?
ASKER
Yes, I get an IP silimar to the ones on the LAN. I am able to ping other machines. But I am unable to get access using \\computername. It says "The network path was not found."
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi James,
Hope you had a good night. Guess you are in Australia. \\ipaddress works. Looks like a simple DNS setting, but I am not sure what to change. However, I put in an entry in the hosts file of the OS and then i was able to get \\computername. Is there a better solution that you have on this. PLs let me know.
Thanks
Praveen.
Hope you had a good night. Guess you are in Australia. \\ipaddress works. Looks like a simple DNS setting, but I am not sure what to change. However, I put in an entry in the hosts file of the OS and then i was able to get \\computername. Is there a better solution that you have on this. PLs let me know.
Thanks
Praveen.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
rob,
wow thats an answer! you deserve points on this for sure as you just pointed out a few things i didnt know about. ill be pasting that answer in my little book of knowledge for future reference!
James
Praveen,
hows is goin mate, did you try Rob's suggestions??
wow thats an answer! you deserve points on this for sure as you just pointed out a few things i didnt know about. ill be pasting that answer in my little book of knowledge for future reference!
James
Praveen,
hows is goin mate, did you try Rob's suggestions??
Aw shucks ! Actually just a list I made a while ago, that I cut and paste. Name resolution over a VPN can be a nuisance some times.
Thanks though.
--Rob
Thanks though.
--Rob
ha well i just flogged your list for my own!
I hope I got credit, even if no points. :-)
Plagiarism is punishable by caging with Tasmanian Devils.
Plagiarism is punishable by caging with Tasmanian Devils.
its alright the little buggers are virtually extinct.... if you can find one you can cage me with hm! (zoos dont count)
its more for my use anywayz :)
its more for my use anywayz :)
Feel free, just 'razzing you'
--Rob
--Rob
:) ill send you a tazzy devil in repayment
Let's see you get that through customs.
hmm toushe i submit....
ASKER
Hi James and Rob,
Thanks a lot to you guys. I tried the \\ipaddress suggested by James and the hosts file entry suggested by Rob. The two together helped me resolve my problem. Thanks once again.
James, good luck with getting a tazzy devil across to Rob ;)
I am going to split the points on this question to both of you.
Thanks and Regards,
Praveen.
Thanks a lot to you guys. I tried the \\ipaddress suggested by James and the hosts file entry suggested by Rob. The two together helped me resolve my problem. Thanks once again.
James, good luck with getting a tazzy devil across to Rob ;)
I am going to split the points on this question to both of you.
Thanks and Regards,
Praveen.
thanks praveen,
out of curiosity, i dont really care about the points, but why did we get the B grade, did our answers not help you enough??
i think i will have to express post the little rodent!
cheers mate
out of curiosity, i dont really care about the points, but why did we get the B grade, did our answers not help you enough??
i think i will have to express post the little rodent!
cheers mate
ASKER
Hi James,
Sorry about that. that was an oversight. I think I was using the keyboard rather than the mouse and I made a mistake in choosing the grade. Is there a way I can change it to A? because I truely feel that your answers helped me solve my problem.
Many Thanks again,
Praveen.
Sorry about that. that was an oversight. I think I was using the keyboard rather than the mouse and I made a mistake in choosing the grade. Is there a way I can change it to A? because I truely feel that your answers helped me solve my problem.
Many Thanks again,
Praveen.
thats ok mate i was just curious
you can place a question in communtiy support asking the grade to be changed to A and the mods will take care of it for you. just make sure you put a link to this Q
as i said, i was just hoping that we had given a correct answer and if not, just wanted to know where it went skewiff!
cheers Praveen
James
you can place a question in communtiy support asking the grade to be changed to A and the mods will take care of it for you. just make sure you put a link to this Q
as i said, i was just hoping that we had given a correct answer and if not, just wanted to know where it went skewiff!
cheers Praveen
James
Thanks Praveen.,
--Rob
--Rob
Even more thanks <G> rpraveen, and AnnieMod.
--Rob
--Rob
thankyou!
extract from VPN site
If the VPN server is behind a router, Port Mapping will need to be done on the router.
Standard port usage is 1723 for PPTP. You might also need to configure your router for PPTP Passthrough. Port usage for IPSec is 500, 50-51. These ports will have to be forwarded to the VPN server's local IP address
could be the last ports you are missing
Cheers!