Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Router settings for VPN connection

Posted on 2006-05-23
5
Medium Priority
?
387 Views
Last Modified: 2010-04-12
Hi there,

I currently run a small network of a Windows 2003 server and several XP workstations.  All of these devices connect to the Internet through a router that provides broadband access.

I would like to be able to access my Windows 2003 server from the Internet via v VPN.  I have read how I can setup Windows 2003 accordingly with remote access, etc, and my ISP has provided me with my static and reserved IP address that I can use to do this.

My question is, what do I actually need to do on the router to do this?  Currently, it has an IP address of 192.168.0.1 which the other devices use as their gateway.  Do I need to program the router somehow with the IP address that my ISP has provided for me so that it can be "seen" from the outside world, and then I do some sort of port forwarding to route it to my Windows 2003 server (192.168.0.100)?

Can anyone help me with some steps here please?

Thanks!

Pete
0
Comment
Question by:peterkennedy
  • 3
  • 2
5 Comments
 
LVL 78

Accepted Solution

by:
Rob Williams earned 2000 total points
ID: 16747531
Pete, there are 3 things you need to configure on the router:
1) You need to configure the WAN configuration of the router. If you are already connected to the Internet this is probably already done. You can verify by connecting from the VPN server machine to  http://www.canyouseeme.org  and see what your public IP is. If that matches the assigned one you are done. If not:
  a) If your service provider has provided you with a static IP, you need to add the IP provided, their subnet mask, gateway, and DNS server IP's to the WAN page of the router
 b) If they assigned you a reserved IP it will be automaticly configured when you set up the router with the WAN dynamic or more likely PPPoE connection.
If these are done and the canyouseeme site does not match you may have a modem that performs NAT (Network Address Translation) If so checking the status page of the router will reveal an IP such as 192.168.x.x, 10.x.x.x, or 172.16-31.x.x  This being the case, the modem will have to be put in Bridged mode so you can assign the router the public IP.
I'm sure this part sounds complicated but if you have any trouble, just post the make and models of the modem and router and we can be more specific and verify what has to be done.

2) The router needs to be configured to forward port 1723 to the VPN server. Good visual instructions for most routers can be found at:
http://www.portforward.com/english/routers/port_forwarding/routerindex.htm
Click on the link for your router and on the resulting page click on the link for "Point to Point Tunneling Protocol"

3) GRE  packets have to be allowed to pass. On most small office routers this is accomplished by enabling "PPTP pass-through" on the router.

Again if you provide the makes an models we can be specific as to the location of the configurations.
--Rob
0
 
LVL 1

Author Comment

by:peterkennedy
ID: 16758605
Hi Rob,

Thanks so much for this.  This is excellent information.

The router we are using is a:

Netgear Cable/DSL Prosafe VPN Firewall
Model: FVS 318

If you can provide intructions/locations on this model that would be awesome.

Thanks!
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16760128
Sure, see below:
1) You need to set up your ISP on the "basic settings" page of the router
2) The Netgears actually have 2 steps for this part. You have to define the PPTP service, and then do the port forwarding. Complete instructions are available at:
http://www.portforward.com/english/routers/port_forwarding/Netgear/FVS318/Point-to-Point_Tunneling_Protocol.htm
3) Seems on the FVS318, GRE is enabled by default or when the PPTP service is created. In other words you don't have to manually do anything with GRE to enable it

Good luck,
--Rob
0
 
LVL 1

Author Comment

by:peterkennedy
ID: 16765070
Hi Rob,

Thanks so much for your help.  This is exactly what I need.

I had a basic, high level idea of what needed to be done but didn't want to inadvertently open ports or break something!

Thanks again!

Pete
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16765095
Thanks Pete.  
I was actually looking at one of these today and on the Firmware version the client had, the PPTP service already existed, so you didn't have to create a custom service, just enable it, as in the link above. Perhaps yours will be the same. Just check the "drop down list" under port forwarding first.
Good luck,
--Rob
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've had to do a bit of research to setup my VPN connection so that Clients can access Windows Server 2008 network shares.  I have a Cisco ASA 5510 firewall.  I found an article which was extremely useful: It had a solution if you use ASDM to config…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question