ajulianolmv
asked on
VPN config in SBS 2003 ErrorCode = 800 ErrorSource = RAS
We have a SBS2003 server. Previously we had a Juniper Netscreen 5Gt that went south. We replaced it with a Linksys RV S4000. Trying to get the quickclient to work is not an option, we ultimitly need more then 5 connections.
With the Netscreen Remote Access was not enabled. IAS was configured with a Juniper entry, Radius authentication.
I have all applicable ports on the router open.
I am able to access and connect to the VPN from inside the firewall. Under Logon domain I enter the domain name. From outside the firewall I fill this field in with the public IP address (the same address we used with the Netscreen)
When I attempt to connect I recieve the following:
**************************
Operating System : Windows NT 5.1 Service Pack 2
Dialer Version : 7.2.2600.2180
Connection Name : Connect to Small Business Server
All Users/Single User : Single User
Start Date/Time : 5/24/2007, 18:29:13
**************************
Module Name, Time, Log ID, Log Item Name, Other Info
For Connection Type, 0=dial-up, 1=VPN, 2=VPN over dial-up
**************************
[cmdial32] 18:29:13 03 Pre-Init Event CallingProcess = C:\WINDOWS\Explorer.EXE
[cmdial32] 18:30:55 04 Pre-Connect Event ConnectionType = 1
[cmdial32] 18:30:55 06 Pre-Tunnel Event UserName = xxxxxxxx
Domain = xxxxxxxx DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxxx.local
[cmdial32] 18:30:55 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:30:57 19 On-Cancel Event
[cmdial32] 18:31:30 04 Pre-Connect Event ConnectionType = 1
[cmdial32] 18:31:30 06 Pre-Tunnel Event UserName = xxxxxxxxxx Domain = 123.123.123.123 DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxx.local
[cmdial32] 18:31:31 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:31:36 06 Pre-Tunnel Event UserName = xxxxxxxx Domain = 123.123.123.123 DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxx.local
[cmdial32] 18:31:36 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:31:40 19 On-Cancel Event
[cmdial32] 18:32:24 04 Pre-Connect Event ConnectionType = 1
[cmdial32] 18:32:24 06 Pre-Tunnel Event UserName = xxxxxxxxxxx Domain = 123.123.123.123 DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxx.local
[cmdial32] 18:32:24 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:32:30 06 Pre-Tunnel Event UserName = xxxxxxxxxxxxxxx Domain = 123.123.123.123 DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxxx.local
[cmdial32] 18:32:30 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:32:30 19 On-Cancel Event
Please help. I need this set so our remote workers can get back to work.
With the Netscreen Remote Access was not enabled. IAS was configured with a Juniper entry, Radius authentication.
I have all applicable ports on the router open.
I am able to access and connect to the VPN from inside the firewall. Under Logon domain I enter the domain name. From outside the firewall I fill this field in with the public IP address (the same address we used with the Netscreen)
When I attempt to connect I recieve the following:
**************************
Operating System : Windows NT 5.1 Service Pack 2
Dialer Version : 7.2.2600.2180
Connection Name : Connect to Small Business Server
All Users/Single User : Single User
Start Date/Time : 5/24/2007, 18:29:13
**************************
Module Name, Time, Log ID, Log Item Name, Other Info
For Connection Type, 0=dial-up, 1=VPN, 2=VPN over dial-up
**************************
[cmdial32] 18:29:13 03 Pre-Init Event CallingProcess = C:\WINDOWS\Explorer.EXE
[cmdial32] 18:30:55 04 Pre-Connect Event ConnectionType = 1
[cmdial32] 18:30:55 06 Pre-Tunnel Event UserName = xxxxxxxx
Domain = xxxxxxxx DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxxx.local
[cmdial32] 18:30:55 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:30:57 19 On-Cancel Event
[cmdial32] 18:31:30 04 Pre-Connect Event ConnectionType = 1
[cmdial32] 18:31:30 06 Pre-Tunnel Event UserName = xxxxxxxxxx Domain = 123.123.123.123 DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxx.local
[cmdial32] 18:31:31 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:31:36 06 Pre-Tunnel Event UserName = xxxxxxxx Domain = 123.123.123.123 DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxx.local
[cmdial32] 18:31:36 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:31:40 19 On-Cancel Event
[cmdial32] 18:32:24 04 Pre-Connect Event ConnectionType = 1
[cmdial32] 18:32:24 06 Pre-Tunnel Event UserName = xxxxxxxxxxx Domain = 123.123.123.123 DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxx.local
[cmdial32] 18:32:24 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:32:30 06 Pre-Tunnel Event UserName = xxxxxxxxxxxxxxx Domain = 123.123.123.123 DUNSetting = Connect to Small Business Server Tunnel DeviceName = TunnelAddress = server01.xxxxxxxxx.local
[cmdial32] 18:32:30 20 On-Error Event ErrorCode = 800 ErrorSource = RAS
[cmdial32] 18:32:30 19 On-Cancel Event
Please help. I need this set so our remote workers can get back to work.
ASKER
Morning RobWill
I checked and port 1723 is open. The page returned a message that it could see the service on the IP address. I still cannot connect using the VPN.
I have never configured IAS before. Is it needed and if so do you know of anywhere where I can get a better understanding of how to configure?
I checked and port 1723 is open. The page returned a message that it could see the service on the IP address. I still cannot connect using the VPN.
I have never configured IAS before. Is it needed and if so do you know of anywhere where I can get a better understanding of how to configure?
No need to configure IAS, and personally I would keep disabled, at least until basic connection is established.
Is "allow access" enabled on the dial-in tab of the user's profile in active directory? It might not be where you were using IAS/RADIUS before.
Also, is it possible to test the connection from another site. A few IPS's, modems, and routers do not support PPTP tunnels. The Netscreen likely used IPSec, rather than PPTP.
Finally, for the record, you need to test this from off site. You cannot connect to the public IP from inside, of the same router.
Is "allow access" enabled on the dial-in tab of the user's profile in active directory? It might not be where you were using IAS/RADIUS before.
Also, is it possible to test the connection from another site. A few IPS's, modems, and routers do not support PPTP tunnels. The Netscreen likely used IPSec, rather than PPTP.
Finally, for the record, you need to test this from off site. You cannot connect to the public IP from inside, of the same router.
ASKER
Hi RobWill,
Actually traveling down that path right now. To this point I have,
Stopped IAS
Enabled VPN for my user ID
On the Linksys RVS4000 I have a) configured to pass through of PPTP and IPSec b) disabled the firewall
On my notebook I have removed the SBS client software and manually configured a VPN client.
To test I unplug from my network on jump on to a wireless network from an adjoining office.
Now receiving Error 721.
BTW The Linksys is flashed with the latest firmware: 1.1.09
Actually traveling down that path right now. To this point I have,
Stopped IAS
Enabled VPN for my user ID
On the Linksys RVS4000 I have a) configured to pass through of PPTP and IPSec b) disabled the firewall
On my notebook I have removed the SBS client software and manually configured a VPN client.
To test I unplug from my network on jump on to a wireless network from an adjoining office.
Now receiving Error 721.
BTW The Linksys is flashed with the latest firmware: 1.1.09
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
RobWill,
Ended up exchanging the Linksys RVS4000 (POS) for a Netgear FVS124G. I had read some iffy reviews on it but it seems that with the latest firmware they have a nice stable platform.
So far this is a SWEETHEART little box addressing all the needs of this office, remote users and hulti homing to boot!
I am awarding you the points for all your help. Thanks,
RG
Ended up exchanging the Linksys RVS4000 (POS) for a Netgear FVS124G. I had read some iffy reviews on it but it seems that with the latest firmware they have a nice stable platform.
So far this is a SWEETHEART little box addressing all the needs of this office, remote users and hulti homing to boot!
I am awarding you the points for all your help. Thanks,
RG
I too have recently heard hear of some problems with the Linksys. I'm sure they will eliminate the bugs with firmware updates, as you have indicated they may have already done. The FVS124G has some nice features. Glad to hear you are up and running.
Thanks RG.
Cheers !
--Rob
Thanks RG.
Cheers !
--Rob
Verify port 1723 has been forwarded properly from the router to the SBS by logging onto the SBS and going to http://www.canyouseeme.org
Test for port 1723 and that the IP to which you are connecting is correct.
This doesn't test for GRE, protocol 47, but you would have a different error code (721) if that were the only issue. GRE on most Linksys routers is enabled by checking the option "enable PPTP pass-through"