Solved

Windows Server 2003 VPN Config - After Office Move

Posted on 2009-04-01
9
226 Views
Last Modified: 2012-05-06
Hi,

We have recently moved offices and all our systems are back up and running now with the exception of the VPN. I use it daily to check on the systems form home and my directors use it to access Outlook and our CRM system on their laptops.

Previously, we had a static IP to connect to on the VPN connection and the usual properties in AD (enable dial-in user), etc.

We have since moved offices and have 2 broadband links up and running.Both with static IPs assigned to them.

Our e-mail and websites are running well, and I just need to change the static IP in the VPN setup from the old IP to the new IP.

I've looked in the NIC settings / Routing & Remote Access and on our Symantec Security Gateway 360 and cannot find where the old static IP was stored.

Any comments are greatly appreciated.

Thanks in advance!
0
Comment
Question by:robsamuel2k8
  • 4
  • 3
  • 2
9 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 24042336
Are you looking on the remote systems?
What type of VPN do you have/use PPTP, L2TP+ipsec?
0
 

Author Comment

by:robsamuel2k8
ID: 24042592
I've looked on the domain controller which the RemoteAccess service is running on. We're using PPTP.
0
 
LVL 77

Expert Comment

by:arnold
ID: 24042697
The networking PPTP connection is where you need to change the IP to which you are connecting.  I do not believe you need to make any changes on the PPTP server since it likely has a private IP and you have your external firewall configured to allow port 1723 to pass through to the PPTP server.
0
 

Author Comment

by:robsamuel2k8
ID: 24047382
Hi,

The IP address is private internally and I can see where you're coming from - basically, there has to be an external IP address which I'd enter into my laptop and dial into the VPN from an external network.

The problem is that on the 2wire router that BT provides, I assign the static IP to it, and it's pingable internally and works on the internet fine but I cannot ping the static IP externally.

As I understand, should the following happen:

Assign a static IP to the BT router                                             DONE
Configure the Symantec Gateway with the IP details               DONE
Test Internet works on network PC's                                        DONE
Ping static IP internally                                                               DONE

Problem areas
-----------------

Ping static IP externally                                                                          CANNOT DO
Once static IP is pingable, configure VPN connection with static IP     CANNOT DO UNTIL PINGABLE
Test VPN connection from home or 3G dongle                                     CANNOT DO UNTIL PINGABLE

What's the best way to make that static IP pingable externally? I'll ring BT's techie guys and see what they say.

Thanks in advance!









0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 77

Accepted Solution

by:
arnold earned 300 total points
ID: 24048824
Check whether your BT router is configured to respond to external ping requests.
The ability to ping is not important for the VPN.
Try telnet static_ip 1723
Skip the ping test and try to establish the VPN by updating the VPN client to use the new external static IP.

Just to be sure the external static IP is provided to you by BT.  You either have a single External IP or you are provided with multiple IP and you have a choice which to use.

0
 
LVL 8

Assisted Solution

by:MrMintanet
MrMintanet earned 200 total points
ID: 24055200
Are you certain that your router supports VPN?
Is the router configured for stealth mode?
0
 

Author Comment

by:robsamuel2k8
ID: 24057388
Hi, the router has 'stealth mode' disabled. However, after speaking to BT who supply the router - they have had several complaints of VPN/GRE Protocol not working and say i's down to firmware. They are sending a new router with the old firmware on it for Monday, so I will set it up then.

To be honest, I am looking to purchase 2x ADSL routers which are a bit better than the one's we've been sent.

Any suggestions as to a decent router (baring in mind it will be connected to the Symantec Security Gateway 360)? I've looked into Drayteks so far.

0
 
LVL 8

Assisted Solution

by:MrMintanet
MrMintanet earned 200 total points
ID: 24058934
Sonicwall TZ170 sounds right for your application.
0
 

Author Comment

by:robsamuel2k8
ID: 24066711
Thanks for all the comments, I'll wait for the replacement router from BT, run with that for a few months then purchase a couple of decent routers for the network.

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now