• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 239
  • Last Modified:

Windows Server 2003 VPN Config - After Office Move

Hi,

We have recently moved offices and all our systems are back up and running now with the exception of the VPN. I use it daily to check on the systems form home and my directors use it to access Outlook and our CRM system on their laptops.

Previously, we had a static IP to connect to on the VPN connection and the usual properties in AD (enable dial-in user), etc.

We have since moved offices and have 2 broadband links up and running.Both with static IPs assigned to them.

Our e-mail and websites are running well, and I just need to change the static IP in the VPN setup from the old IP to the new IP.

I've looked in the NIC settings / Routing & Remote Access and on our Symantec Security Gateway 360 and cannot find where the old static IP was stored.

Any comments are greatly appreciated.

Thanks in advance!
0
Rob Samuel
Asked:
Rob Samuel
  • 4
  • 3
  • 2
3 Solutions
 
arnoldCommented:
Are you looking on the remote systems?
What type of VPN do you have/use PPTP, L2TP+ipsec?
0
 
Rob SamuelIT ManagerAuthor Commented:
I've looked on the domain controller which the RemoteAccess service is running on. We're using PPTP.
0
 
arnoldCommented:
The networking PPTP connection is where you need to change the IP to which you are connecting.  I do not believe you need to make any changes on the PPTP server since it likely has a private IP and you have your external firewall configured to allow port 1723 to pass through to the PPTP server.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
Rob SamuelIT ManagerAuthor Commented:
Hi,

The IP address is private internally and I can see where you're coming from - basically, there has to be an external IP address which I'd enter into my laptop and dial into the VPN from an external network.

The problem is that on the 2wire router that BT provides, I assign the static IP to it, and it's pingable internally and works on the internet fine but I cannot ping the static IP externally.

As I understand, should the following happen:

Assign a static IP to the BT router                                             DONE
Configure the Symantec Gateway with the IP details               DONE
Test Internet works on network PC's                                        DONE
Ping static IP internally                                                               DONE

Problem areas
-----------------

Ping static IP externally                                                                          CANNOT DO
Once static IP is pingable, configure VPN connection with static IP     CANNOT DO UNTIL PINGABLE
Test VPN connection from home or 3G dongle                                     CANNOT DO UNTIL PINGABLE

What's the best way to make that static IP pingable externally? I'll ring BT's techie guys and see what they say.

Thanks in advance!









0
 
arnoldCommented:
Check whether your BT router is configured to respond to external ping requests.
The ability to ping is not important for the VPN.
Try telnet static_ip 1723
Skip the ping test and try to establish the VPN by updating the VPN client to use the new external static IP.

Just to be sure the external static IP is provided to you by BT.  You either have a single External IP or you are provided with multiple IP and you have a choice which to use.

0
 
MrMintanetCommented:
Are you certain that your router supports VPN?
Is the router configured for stealth mode?
0
 
Rob SamuelIT ManagerAuthor Commented:
Hi, the router has 'stealth mode' disabled. However, after speaking to BT who supply the router - they have had several complaints of VPN/GRE Protocol not working and say i's down to firmware. They are sending a new router with the old firmware on it for Monday, so I will set it up then.

To be honest, I am looking to purchase 2x ADSL routers which are a bit better than the one's we've been sent.

Any suggestions as to a decent router (baring in mind it will be connected to the Symantec Security Gateway 360)? I've looked into Drayteks so far.

0
 
MrMintanetCommented:
Sonicwall TZ170 sounds right for your application.
0
 
Rob SamuelIT ManagerAuthor Commented:
Thanks for all the comments, I'll wait for the replacement router from BT, run with that for a few months then purchase a couple of decent routers for the network.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now