We've had an SBS 2003 R2 with one NIC behind a Linksys BEFVP41 running on a dynamic IP with Cablevison for over two years without any problems. Everything worked fine, remote web access, VPN, remote desktop, public website access, without problems. We need the VPN for sales people on the road to be able to log into the network check e-mail, access files, access quickbooks on the server to place orders, etc. The Linksys has always been the DHCP server, without any issues.
For a number of reasons we decided to switch to a static IP. The Cablevision Static IP set up comes with a Cisco 851 that acts as a NAT appliance with 5 static IPs ( it is in front of the Linksys, since I cannot manage the Cisco, I need to forward all the necessary ports Linksys tomthe SBS) On the Cisco 851 the all ports open and services enabled and nothing blocked - verified by calling Cablevision business tech support ( I cannot access the Cisco 851, it was set up by Cablevision and users have no access) Once we switched to static IP we changed the proper IP settings on the router and server as needed. With our anti-virus software, AVG 8.0 Network Edition we had accidentally installed the Firewall on the server and after the dynamic IP switch to Static IP on the SBS, the Firewall seemed to be blocking some access to the NIC on the server and IPV4 and IPV6 connections, according to the AVG Firewall interface. We seemingly corrected the AVG Firewall issues and repaired the AVG installation to remove and uninstall the AVG Firewall from the SBS (since it did not belong there in the first place) Now we have had everything working with the static IP setup and the SBS 2003 R2 for over six months, except the VPN. so everything is working but the VPN... Webmail, remote desktop, access to our public website and all other server functions work except for the VPN.
The other thing that bugs me is that I cannot access the regular Windows Firewall - I get a pop up that says the Firewall is being used by another program and something about ipsys.nat. It makes me believe that there could be some remnant settings blocking the VPN from the uninstalled AVG Firewall component on the SBS, given the past issue after the switch to the static IP and the inability to access the regular Windows Firewall on the server.
That being said, we cannot VPN from within or from outside the LAN, as we could before the switch to the static IP. Upon trying to dial in remotely to the VPN all 5 users get error 721 and the connection is unable to authenticate and hangs...
I have read through every single error 721 question I have seen on EE, but have not found a solution. I have looked at the Event Wiever on the server and it shows an RAS error for every time one of the sales people tries to VPN into the server. I am rather tech savvy and manage about 95% of our small company IT needs, including most of the SBS setup, but I am not a Pro. I have a pretty good MS Small Business Specilalist (Alan) that tried to figure out our current SBS VPN issue, but even at $125 and hour for eight hours, he could not solve it. I would rather spend some more time on my own trying to solve this issue and avoid at all costs having to spend God knows how many hours at $125 paying Alan, who may or may not fix it.
I have read through many SBS posts here on EE and it seems Rob Will is the best at it....Rob, please help me! A detailed step by step explanation would be most helpful. Where should I start? I want to be able to eliminate all possible issues one to make sure I don't miss a thing.
Is it AVG Firewall remnants blocking the VPN?
Is it a DHCP authentication issue?
Do I reinstall the AVG Firewall to check the settings and make sure they are all cleared and then uninstall it again?
Should I rerun again the connection wizards for the mobile users?
We are able to function as is OK without the VPN, given that the reps also have PDA's for their e-mail while on the road connected through the SBS. Those are working fine, but we really need the SBS VPN to be working for everyone to be more efficient and productive no matter where we are with our laptops and have full access to the LAN and server while on the road.
That being said, I have planned my first family vacation in five years, since starting my company. My wife sends the orders that our reps e-mail in to our warehouse daily from our office using our multi-user Quickbooksset up on the SBS to enter all the orders( we are a small fine wine importer and distributor in NY/NJ ). Without the VPN we cannot access the Quickbooks remotely while on the road and on vacation to place the orders sent in by the rep daily, so I have to resolve this before vacation in early April! I know I can use remote desktop to log into a pc on the LAN via the SBS, but that is not doable if you are in the car all day, on the road, using an AT&T air card on your actual laptop...
In addition to the points I would gladly offer several free bottles of wines with free Fedex shipping to the expert who helps me solve this VPN mess!
I know it is something simple and it is just eating at me...Have at it boys!