[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1353
  • Last Modified:

GRE not being opened for VPN access any more

For some reason after reinstalling the Windows server (after a total array failure) the system will no longer allow incoming VPN connections due to failing to allow in GRE packets, from memory all settings for the VPN (Routing & Remote Access) are the same..

The firewall & NAT rules are all ok as it can make a connection to log this message on the server and (PPTP) GRE IS enabled (as well as L2TP) to the same internal IP addresses.

Event Type:      Warning
Event Source:      Rasman
Event Category:      None
Event ID:      20209
Date:            17/11/2007
Time:            9:54:36 p.m.
User:            N/A
Computer:      SERVER
Description:
A connection between the VPN server and the VPN client (**remote IP address**) has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets.

0
kiwistag
Asked:
kiwistag
  • 2
  • 2
3 Solutions
 
tvman_odCommented:
Is there a chance that the problem is on client's side? Besides that, try to disable firewall for a moment just to make sure you didn't overlooked anything.
0
 
kiwistagAuthor Commented:
Client: Dialup with & without firewall.
Server (Router): With & without firewall.
Recreated RRAS Setup, all without any luck.

I have one of the 2 active adaptors set up in a HP LAN Team also. (3 physical adaptors - 2 in team, 1 standalone).
0
 
tvman_odCommented:
Did you try to make a connection from the same LAN? I believe that teaming is configured correctly, otherwise it would cause major connectivity problems.
0
 
sveashwarCommented:
try to check weather pptp-gre port is open using nmap/telnet and start there
0
 
kiwistagAuthor Commented:
Sorted.
It turned out that my router by default denied outgoing GRE, AH & ESP protocols.

This in conjunction with a problem with the setup of the Routing & Remote Access service created 2 variables to the one problem.
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now