Solved

GRE not being opened for VPN access any more

Posted on 2007-11-17
5
1,339 Views
Last Modified: 2008-05-31
For some reason after reinstalling the Windows server (after a total array failure) the system will no longer allow incoming VPN connections due to failing to allow in GRE packets, from memory all settings for the VPN (Routing & Remote Access) are the same..

The firewall & NAT rules are all ok as it can make a connection to log this message on the server and (PPTP) GRE IS enabled (as well as L2TP) to the same internal IP addresses.

Event Type:      Warning
Event Source:      Rasman
Event Category:      None
Event ID:      20209
Date:            17/11/2007
Time:            9:54:36 p.m.
User:            N/A
Computer:      SERVER
Description:
A connection between the VPN server and the VPN client (**remote IP address**) has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets.

0
Comment
Question by:kiwistag
  • 2
  • 2
5 Comments
 
LVL 11

Accepted Solution

by:
tvman_od earned 150 total points
ID: 20305828
Is there a chance that the problem is on client's side? Besides that, try to disable firewall for a moment just to make sure you didn't overlooked anything.
0
 
LVL 6

Author Comment

by:kiwistag
ID: 20305881
Client: Dialup with & without firewall.
Server (Router): With & without firewall.
Recreated RRAS Setup, all without any luck.

I have one of the 2 active adaptors set up in a HP LAN Team also. (3 physical adaptors - 2 in team, 1 standalone).
0
 
LVL 11

Assisted Solution

by:tvman_od
tvman_od earned 150 total points
ID: 20305927
Did you try to make a connection from the same LAN? I believe that teaming is configured correctly, otherwise it would cause major connectivity problems.
0
 
LVL 1

Assisted Solution

by:sveashwar
sveashwar earned 50 total points
ID: 20306551
try to check weather pptp-gre port is open using nmap/telnet and start there
0
 
LVL 6

Author Comment

by:kiwistag
ID: 20306649
Sorted.
It turned out that my router by default denied outgoing GRE, AH & ESP protocols.

This in conjunction with a problem with the setup of the Routing & Remote Access service created 2 variables to the one problem.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question