sparks2000
asked on
error 678 when trying to connect VPN to my PC at work
hi guys,
i was trying to connect theoug VPN to my office PC but i always get the message "error 678......"although i am connecting using the IP address of the server. i already created a VPN user on my firewall.but my question is that should i also do a configuration on ISA server and what is the rule that is hould create it on ISA to allow my VPN access.noe that i am using L2TP IPSEC connection.so please help . and if it is not an ISA problem ,so what is the problem???note that i disabled the firewall on the PC that i am connecting VPN from.thanks
i was trying to connect theoug VPN to my office PC but i always get the message "error 678......"although i am connecting using the IP address of the server. i already created a VPN user on my firewall.but my question is that should i also do a configuration on ISA server and what is the rule that is hould create it on ISA to allow my VPN access.noe that i am using L2TP IPSEC connection.so please help . and if it is not an ISA problem ,so what is the problem???note that i disabled the firewall on the PC that i am connecting VPN from.thanks
If you are using ipsec over l2tp then you need at least certificate authentication as well. Set it up with pptp to start with - its far simpler. Once you have that running, then change to l2tp & ipsec.
Please explain what you mean by my firewall and ISA. Are you not using ISA as the firewall? What ports have you opened on the external firewall to allow l2tp or pptp to pass? If the external device is your VPN termination point then ISA only needs standard rules applied (and would not cause the 678 error anyway). If the external device is passing trafrfic through to ISA server to terminate the VPN then run the VPN ISA wizard from the gui but ensure all relevant ports are forwarded to ISA in the first place.
Keith
Please explain what you mean by my firewall and ISA. Are you not using ISA as the firewall? What ports have you opened on the external firewall to allow l2tp or pptp to pass? If the external device is your VPN termination point then ISA only needs standard rules applied (and would not cause the 678 error anyway). If the external device is passing trafrfic through to ISA server to terminate the VPN then run the VPN ISA wizard from the gui but ensure all relevant ports are forwarded to ISA in the first place.
Keith
ASKER
well , ihave a harware firewall and behind it i have an ISA server, i have defined a user on the hardware firewall.and i gave him the authority to access VPN thru l2tp. i don''t think i need a certificate because i am using a preshared key.so whe i am tring to connect i am getting the following message ërror 676:the remote computer did notrespond...........
thnak you all for your replies
thnak you all for your replies
You've used the shared key route? OK - not quite as secure but perfectly acceptable.
However, not quite answered the question. You have made the vpn from the remote site to the hardware firewall OR from the remote site to the ISA server? Can't be both.
However, not quite answered the question. You have made the vpn from the remote site to the hardware firewall OR from the remote site to the ISA server? Can't be both.
ASKER
i have made the connection to the harware firewall..not the ISA..i haven't did any thing on ISA as for VPN confihuration andthe IP that i am connecting to is the hardware firewall IP.thanks again
No problem - so the issue is occuring before you have even got to the ISA server? ie can you see on the 3com log whether phase 1 is completing?
ISA is my area rather than 3com equipment.
ISA is my area rather than 3com equipment.
waiting for your reply
ASKER
well i tried tea,viewer but it didn't work with me.i installed it as a host (service) at my office PC.and i got his ID and tried to connect from home but no use.i don't remember the message but i wil try tonight and send it to you today.thanks you a lot
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
more details about your sw configurations with screenshots would be helpfull
try using a great peice of software called teamviewer , you can get it from download.com , i am not advertising anything.
but it can get a remote desktop connection without any needed configurations. and it is free for non-commercial use