SBS 2003 l2tp port issue

Posted on 2007-10-05
Last Modified: 2008-01-09
I would need someone to test something for me.
I have been working with Micorsoft support ( for hours) on an vpn port issue and we are at odds.

our  server was running PPTP vpn connections with no problems but I have to change to L2TP
for various reasons.
On my server I can telnet (telnet localhost 1723) and I don't get the port not open error ,so it is working.
I go through the procedure to setup L2TP with a pre-shared key I also get the MS tech to look at the settings, so everything looks right.
But from the server I cannot telnet localhost  on port 500 or 1701.

could someone who is running l2tp try to telnet to 500 1701 from their server and  see if they get an answer???

The MS tech just turned around and blamed my router or the xp client or SP2

any help would be appreciated.

Thank you

Question by:Coldnorth
    LVL 74

    Expert Comment

    by:Jeffrey Kane - TechSoEasy
    You can't use telnet to port 500 and 1701 because for L2TP you don't enable the TCP ports, they're UDP.  So if you want to test the connectivity you can use portqry.exe (, but doing that for localhost is a bit unnecessary since the ports will be open internally.

    If you've enabled the IPSec Policy for L2TP connection in RRAS Security properties and entered a valid pre-shared key, then I would probably concur with the Microsoft Tech that the problem is either in your router or on the remote end.  

    What make/model router are you using?  
    Does it have L2TP Passthrough enabled?  
    Do you have the ports open on the router as UDP or did you set them as TCP?  
    Is the firmware up-to-date with the latest version?  
    Have you tried connecting from more than one remote machine?


    Author Comment

    I assumed that much but the MS tech is the one adamant to "telnet" to these ports on the server or on the router.

    the router is a netopia r910 with the latest firmware V8.5.0
    port 500,1701 and 4500 on UDP are open and pointing to the
    internal IP of the SBS server
    As per an article from the netopia site when port 500 is opened protocol 50 and 51 also are

    thank you

    LVL 74

    Accepted Solution

    Then you should review this Netopia document about passthrough configurations:

    At one time, Netopia Routers didn't support IPSec Transfer, they would only work as the VPN Endpoint.  So I don't even use them in my deployments.  Therefore, I can't vouch for whether their above instructions will work for you.


    Author Comment

    Thank you

    As per Netopia their routers do passthru l2tp properly.
    so I will keep wrestling with the MS guy!

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
    I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now