Solved

GRE not being opened for VPN access any more

Posted on 2007-11-17
5
1,343 Views
Last Modified: 2008-05-31
For some reason after reinstalling the Windows server (after a total array failure) the system will no longer allow incoming VPN connections due to failing to allow in GRE packets, from memory all settings for the VPN (Routing & Remote Access) are the same..

The firewall & NAT rules are all ok as it can make a connection to log this message on the server and (PPTP) GRE IS enabled (as well as L2TP) to the same internal IP addresses.

Event Type:      Warning
Event Source:      Rasman
Event Category:      None
Event ID:      20209
Date:            17/11/2007
Time:            9:54:36 p.m.
User:            N/A
Computer:      SERVER
Description:
A connection between the VPN server and the VPN client (**remote IP address**) has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets.

0
Comment
Question by:kiwistag
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 11

Accepted Solution

by:
tvman_od earned 150 total points
ID: 20305828
Is there a chance that the problem is on client's side? Besides that, try to disable firewall for a moment just to make sure you didn't overlooked anything.
0
 
LVL 6

Author Comment

by:kiwistag
ID: 20305881
Client: Dialup with & without firewall.
Server (Router): With & without firewall.
Recreated RRAS Setup, all without any luck.

I have one of the 2 active adaptors set up in a HP LAN Team also. (3 physical adaptors - 2 in team, 1 standalone).
0
 
LVL 11

Assisted Solution

by:tvman_od
tvman_od earned 150 total points
ID: 20305927
Did you try to make a connection from the same LAN? I believe that teaming is configured correctly, otherwise it would cause major connectivity problems.
0
 
LVL 1

Assisted Solution

by:sveashwar
sveashwar earned 50 total points
ID: 20306551
try to check weather pptp-gre port is open using nmap/telnet and start there
0
 
LVL 6

Author Comment

by:kiwistag
ID: 20306649
Sorted.
It turned out that my router by default denied outgoing GRE, AH & ESP protocols.

This in conjunction with a problem with the setup of the Routing & Remote Access service created 2 variables to the one problem.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question