Solved

GRE not being opened for VPN access any more

Posted on 2007-11-17
5
1,340 Views
Last Modified: 2008-05-31
For some reason after reinstalling the Windows server (after a total array failure) the system will no longer allow incoming VPN connections due to failing to allow in GRE packets, from memory all settings for the VPN (Routing & Remote Access) are the same..

The firewall & NAT rules are all ok as it can make a connection to log this message on the server and (PPTP) GRE IS enabled (as well as L2TP) to the same internal IP addresses.

Event Type:      Warning
Event Source:      Rasman
Event Category:      None
Event ID:      20209
Date:            17/11/2007
Time:            9:54:36 p.m.
User:            N/A
Computer:      SERVER
Description:
A connection between the VPN server and the VPN client (**remote IP address**) has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets.

0
Comment
Question by:kiwistag
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 11

Accepted Solution

by:
tvman_od earned 150 total points
ID: 20305828
Is there a chance that the problem is on client's side? Besides that, try to disable firewall for a moment just to make sure you didn't overlooked anything.
0
 
LVL 6

Author Comment

by:kiwistag
ID: 20305881
Client: Dialup with & without firewall.
Server (Router): With & without firewall.
Recreated RRAS Setup, all without any luck.

I have one of the 2 active adaptors set up in a HP LAN Team also. (3 physical adaptors - 2 in team, 1 standalone).
0
 
LVL 11

Assisted Solution

by:tvman_od
tvman_od earned 150 total points
ID: 20305927
Did you try to make a connection from the same LAN? I believe that teaming is configured correctly, otherwise it would cause major connectivity problems.
0
 
LVL 1

Assisted Solution

by:sveashwar
sveashwar earned 50 total points
ID: 20306551
try to check weather pptp-gre port is open using nmap/telnet and start there
0
 
LVL 6

Author Comment

by:kiwistag
ID: 20306649
Sorted.
It turned out that my router by default denied outgoing GRE, AH & ESP protocols.

This in conjunction with a problem with the setup of the Routing & Remote Access service created 2 variables to the one problem.
0

Featured Post

Register Today - IoT Current and Future Threats

Are you prepared to protect your organization from current and future IoT Threats?  Join our Wi-Fi expert in episode three of our webinar series for a look at the current state of Wi-Fi IoT and what may lie ahead. Register for our live webinar on April 20th at 9 am PDT!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question