• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 338
  • Last Modified:

VPN Frustration

Here is the setup:
Win XP x64 on a desktop connected via CAT5e to a Dell TrueMobile 2300. The router is serviced by an SBC ADSL WAN Link. The "server" (x64 desktop) is statically assigned 192.168.1.10 and is set as DMZ on the TrueMobile. The unit is configured to accept outside connections with PPTP and assign them an address from the scope 192.160.1.100 to 192.169.1.130.

Problem:
When connecting from an off site location we get the "Verifying Username and Password" dialouge and then error out.

Considerations:
1) We have tested it internally. The clients get an IP address within that range and works fine.
2) PPTP/VPN Passthrough is enabled on all involved devices (The TrueMobile has 1723 forwarded).

Any and all ideas are welcome.
Thanks!
0
pcpalct
Asked:
pcpalct
1 Solution
 
plemieux72Commented:
I am not familiar with the Dell router.  However, you should try the following:

- Put the server on your inside LAN.  You don't need it on the DMZ because VPN will allow you to securely connect from outside to inside.  A DMZ is for untrusted (or less-trusted)connections from outside.

- If your inside network is 192.168.1.0/24 (mask 255.255.255.0), your VPN network (the address pool assigned to outside VPN clients) should be different.  For example, 192.168.2.0/24.  This will give you 254 addresses for inside and 254 addresses for the VPN pool.  Your current VPN range (if it was not a typo) is really big... 500000+ hosts with a 255.248.0.0 mask.  I doubt this is what you wanted and the router is probably confused if you have a different mask...

Note- you don't need to forward 1723 on the router since the VPN connection terminates there from the outside.  Also, having VPN passthrough enabled won't help your outside connections.  Passthrough is to allow internal clients (with a software VPN client) to connect to an outside VPN server.
0
 
pcpalctAuthor Commented:
Thanks for your input. I agree with a few things you said and even venture to say that I must have made a typo somewhere (192.160* hahah!) so that statement of mine made little sense.

The ultimate answer was that the customers were running Dynamic DSL Packages from SBC (without my knowledge - of course, let the IT guy know the details last) and they naturally need SBC Static IP Packages to take advantage of web & VPN services (confirmed this with SBC Technicial Support).

Thanks a bunch!
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now