Coldnorth asked:

SBS 2003 l2tp port issue

Hello,
I would need someone to test something for me.
I have been working with Microsoft support (for hours) on a VPN port issue and we are at odds.

Our server was running PPTP VPN connections with no problems, but I have to change to L2TP for various reasons.
On my server I can telnet (telnet localhost 1723) and I don't get the port-not-open error, so it is working.
I go through the procedure to set up L2TP with a pre-shared key; I also get the MS tech to look at the settings, so everything looks right.
But from the server I cannot telnet to localhost on port 500 or 1701.

Could someone who is running L2TP try to telnet to 500 and 1701 from their server and see if they get an answer?

The MS tech just turned around and blamed my router, or the XP client, or SP2.

Any help would be appreciated.

Thank you

Jeffrey Kane - TechSoEasy

You can't use telnet to port 500 and 1701 because for L2TP you don't enable the TCP ports, they're UDP.  So if you want to test the connectivity you can use portqry.exe (http://support.microsoft.com/kb/310298), but doing that for localhost is a bit unnecessary since the ports will be open internally.

If you've enabled the IPSec Policy for L2TP connection in RRAS Security properties and entered a valid pre-shared key, then I would probably concur with the Microsoft Tech that the problem is either in your router or on the remote end.  

What make/model router are you using?  
Does it have L2TP Passthrough enabled?  
Do you have the ports open on the router as UDP or did you set them as TCP?  
Is the firmware up-to-date with the latest version?  
Have you tried connecting from more than one remote machine?

Jeff
TechSoEasy
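
Added example (not part of the original thread): a short Python sketch of why a telnet-style TCP connect fails against a UDP-only service such as IKE (500) or L2TP (1701), and what a UDP probe can and cannot tell you. The function names and the loopback listener are constructed for illustration; silence from a UDP port is reported as `open|filtered` because a service that ignores unrecognised datagrams looks the same as a filtered port.

```python
import socket

def tcp_open(host, port, timeout=1.0):
    """What telnet does: a TCP connect. True only if a TCP listener accepts."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def udp_state(host, port, timeout=1.0):
    """Send one datagram and classify the result.
    'closed'        -> ICMP port-unreachable came back
    'open'          -> the service answered
    'open|filtered' -> silence (listening but not replying, or filtered)"""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        try:
            s.send(b"\x00")
            s.recv(1024)
            return "open"
        except (ConnectionRefusedError, ConnectionResetError):
            # Linux reports ECONNREFUSED, Windows reports WSAECONNRESET
            return "closed"
        except socket.timeout:
            return "open|filtered"

def demo():
    # Constructed stand-in for a UDP-only service, bound to an ephemeral
    # loopback port so the demo needs no privileges and no network.
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listener.bind(("127.0.0.1", 0))
    port = listener.getsockname()[1]
    try:
        tcp_result = tcp_open("127.0.0.1", port)          # telnet-style test
        udp_listening = udp_state("127.0.0.1", port, 0.5)  # UDP probe
    finally:
        listener.close()
    udp_after_close = udp_state("127.0.0.1", port, 0.5)
    return tcp_result, udp_listening, udp_after_close

if __name__ == "__main__":
    print(demo())
```
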
Coldnorth (ASKER)

Hello,
I assumed that much, but the MS tech is the one adamant to "telnet" to these ports on the server or on the router.

The router is a Netopia R910 with the latest firmware, V8.5.0.
Ports 500, 1701 and 4500 on UDP are open and pointing to the internal IP of the SBS server.
As per an article from the Netopia site, when port 500 is opened, protocols 50 and 51 are also.

Thank you


ASKER CERTIFIED SOLUTION
Jeffrey Kane - TechSoEasy

Thank you

As per Netopia, their routers do pass through L2TP properly,
so I will keep wrestling with the MS guy!