Solved

Setup VPN on windows server 2003

Posted on 2006-06-20
11
8,742 Views
Last Modified: 2013-11-21
Here is the setup

Client with WinXP  >>>> Static IP to D-Link DI-804HV VPN Router setup as DHCP server, firewall opened port 1723 >>>>> port 1723 forwarded to Windows 2003 server with 2 Nic cards

I setup a fake user in active directory and checked 'allow remote access' on his profile. I setup a folder that only it can access on the server.
On winxp laptop i create a new vpn connection, input the ip address, username and password, and it says connecting to XXX then 'Verifying Username and Pasword'. This is where it gets stuck.

Do i need anything else in the clients home? Do i have to somehow point the test users profile at a folder? (i did not do this as i do not know how. It does look like it is working, help!!?

Thanks for any help
0
Comment
Question by:Halon
  • 2
  • 2
  • 2
  • +2
11 Comments
 
LVL 6

Expert Comment

by:dotENG
ID: 16947294
Did you follow the wizard in "Routing and Remote Access", if not, start-->run-->mmc-->CTRL+M-->ALT+D-->Routing And Remote Access-->Add Server-->Right Click Server Name-->Configure and Enable Routing and remote access.
From there it's self explanatory.
0
 
LVL 2

Expert Comment

by:119support
ID: 16947862
If you haven't created a remote users group, open Terminal Services Configuration and right click on RDP-Tcp choosing properties. Click the permissions tab and make sure the created user has access.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 16948243
I assume the VPN end point is not the DI-804HV VPN router, but rather the Windows server. You can also configure the router to be the VPN server/endpoint. See:
http://support.dlink.com/faq/view.asp?prod_id=1439&question=DI-804HV%20/%20DI-808HV

However, to answer your question with your present set up you also need to enable PPTP pass-through" on the Tools / Misc page of the D-Link router. Have you enabled this?
0
 
LVL 7

Expert Comment

by:Kumar_Jayant123
ID: 16948455
Hi,

Check one Very important port and that is GRE 47.

Microsoft PPTP connection uses TCP 1723 and GRE 47 to create VPN. 1723 is used for the connection and GRE 47 for transferring the Password.

The best way to check whether it is open or not is Take a trace and filter it for GRE 47. see wether the traffic is passing through or not.

One of the tool you can use if RASDIAG. Cool tool to see what is happening over the network while making the PPTP connection

Hope this helps...

Kumar
0
Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 

Author Comment

by:Halon
ID: 16981129
I have it set now so that the DI-804HV VPN router is the endpoint. Tired of the wiondows hassle. I created a ptpp tunnel on the rouiter and it will let me connect to it but now what? How do i look at the files on the server? I am a VPN newbie so my trhought was that it allows you to connect as if you were in the office. But all i can do is connect to the router.

Thanks for any help!!
0
 
LVL 2

Accepted Solution

by:
119support earned 168 total points
ID: 16981246
Once the tunnel is established it is, in theory, as if you are connected at the office. You can now TS into the server or open a network share with \\IP_Address.
0
 

Author Comment

by:Halon
ID: 16981328
TS?
0
 
LVL 6

Assisted Solution

by:dotENG
dotENG earned 166 total points
ID: 16981960
Terminal Server - Remote Desktop Connection.
Run mstsc.exe /v:ip_address_of_server
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 166 total points
ID: 16982429
NetBIOS names  (computer names) are not broadcast over most VPN's.
You can resolve this in several ways:
1) Use the IP address (of the computer you are connecting to) when connecting to devices such as;   \\123.123.123.123\ShareName   or map a drive at a  command prompt using  
 Net  Use  U:  \\123.123.123.123\ShareName
2) An option is to use the LMHosts file which creates a table of IP's and computer names. LMHosts is located in the Windows directory under c:\Windows (or WINNT)\System32\Drivers\Etc\LMHosts.sam , instructions are included within the file. Any line starting with # is just a comment and is ignored. Open the file with Notepad and add entries for your computers as below;
192.168.0.101      CompName       #PRE
Hit enter when each line is complete (important), then save the file without a file extension. To be sure there is no extension ,when saving enclose in quotations like "LMHosts". Now when you try to connect to a computer name it should find it as it will search the LMHosts file for the record before connecting.
More details regarding LMHosts file:
http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/windows/2000/server/reskit/en-us/cnet/cnfd_lmh_QXQQ.asp
The drawback of the LMHosts file is you have to maintain a static list of computernames and IP addresses. Also if the remote end uses DHCP assigned IP's it is not a feasible option. Thus in order to be able to use computer names dynamically try to enable with some of the following options:
3) if you have a WINS server add that to the network cards configuration
4) also under the WINS configuration on the network adapter make sure NetBIOS over TCP/IP is selected
5) try adding the remote DNS server to your local DNS servers in your network card's TCP/IP configuration
6) verify your router does not have a "block NetBIOS broadcast" option enabled
7) test if you can connect with the full computer and domain name as  \\ComputerName.domain.local  If so, add the suffix DomainName.local to the DNS configuration of the virtual private adapter/connection [ right click virtual adapter | properties | TCP/IP properties | Advanced | DNS | "Append these DNS suffixes (in order)" | Add ]
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now