Solved

VPN Alternative

Posted on 2009-05-14
14
866 Views
Last Modified: 2012-05-07
Here is my problem! I have set up a VPN many times in SBS 2003. This  client is using a Linksys BEFSX41 Router, and when I try to connect  with the VPN client. I can't connect, but when I look at the Event logs, on the Server, I get Event code 20209. Which also says this Router might not accept GRC packets. Has anybody worked with this router before? or do you know of a easy free VPN client that I can use. I cannot use Hamachi, it does not give access to the local network address scheme.
0
Comment
Question by:jackm1
  • 6
  • 4
  • 2
  • +2
14 Comments
 
LVL 23

Assisted Solution

by:debuggerau
debuggerau earned 100 total points
ID: 24391818
0
 

Author Comment

by:jackm1
ID: 24391938
Will this give me access to the internal ip scheme?
Are there any others?
0
 
LVL 10

Expert Comment

by:Dextertronic
ID: 24391940
Are you trying to establish a vpn from an external client  to the Linksys router or are you trying to pass through the router and connect a VPN to the SBS server?
0
 

Author Comment

by:jackm1
ID: 24391952
Not the Router,just  a Server VPN connection.
0
 
LVL 10

Expert Comment

by:Dextertronic
ID: 24391961
have you done this step yet on the router?

To allow PPTP traffic, configure the network firewall to open TCP port 1723 and to forward IP protocol 47 for Generic Routing Encapsulation (GRE) traffic to the VPN server. Some firewalls refer to IP protocol 47 as VPN or PPTP pass-through.
0
 

Author Comment

by:jackm1
ID: 24391995
I do not see an option for protocol 47 (GRE) in the Linksys BEFSX41 Router. All I see is port forwarding and the Linksys VPN setup option. Here is  a snapshot.
Link.bmp
0
 

Author Comment

by:jackm1
ID: 24392015
Here is the Pass Through.
Link2.bmp
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 10

Expert Comment

by:Dextertronic
ID: 24392218
I'm a bit confused.

Is that you have an SBS server behind the linksys firewall and you have external clients connecting a client vpn to the SBS box

or

Is this linksys router remote and you are connecting a site to site to the SBS box?
0
 
LVL 2

Expert Comment

by:HFVgally
ID: 24393132
Yes, please clarify the network topology. Is the router on the remote network or on the server network? Are you using a server with 2 nics and also using the server as firewall/ICA?
As a start, please ensure you are running the most recent firmware on the linksys router.
I am assuming that you are using RRAS on SBS 2003 and that you are using the built-in PPTP based VPN client on the remote PC.
If the linksys router is at the remote network, this configuration should be correct to allow PPTP to pass through the router to the destination gateway.
If the linksys router is at the server network, and the server is using a single nic (you do not have ICA configured on the server), then you need to use port forwarding rules forward TCP port 1723 to the internal server IP as well as GRE (IP protocol 47).
In either case, I would not try to use the router's VPN tunnel configuration - that is meant for connection to another firewall directly to establish a site-to-site VPN where all the PC's at onle location can connect to all network resources at another location. If this is what you want to accomplish, then I would recommend you use firewall/router equipment from the same manufacturer at each location to configure the tunnel between them rather than try to get them to talk to the SBS directly.
If you are using this linksys router at the server network, be aware that consumer level router/firewall products such as this one often have problems supporting simultaneous VPN tunnel passthrough - the second connection can kick disconnect the first one or simply fail to connect - and may require frequent power-cycles to resolve connection issues.
Personally, I prefer to use separate hardware firewalls that support VPN client termination to the firewall rather than pass through to the server Watchguard and Sonicwall both have low-end models that do this quite well. Netgear's prosafe line supports it also, but you have to license the client software separately. All of them support forwarding of multiple pptp and IPSec VPN tunnels to the server as well. I also never use ICA and it is worth noting that MS abandoned it on 2008 SBS in favor of separate hardware firewalls.
0
 
LVL 21

Assisted Solution

by:suppsaws
suppsaws earned 200 total points
ID: 24394204
Hello jackm1,

just update the firmware of the linksys to begin with, make sure port 1723 and GRE 47 is forwarded to the SBS server.
if it doesn't work, change the router.
Also make sure you ran the 'remote access wizard'.

Regards,

suppsaws
0
 

Author Comment

by:jackm1
ID: 24395152
Guys,

Sorry for the confusion. I am not using the VPN on the Linksys router. I was just trying to show that there is no place to put GRE 47  and that PPTP is enabled.

suppsaws, is  right about the firmware update, but this client is not local. I cant do a firmware upgrade and  possibly  shutting down the router.

Microsoft came in remotely and said everything is setup correctly. It is a Firewall issue.
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24408251
yes well, you have the SBS server to act as a VPN server, but also the linksys router...

There are many others, but I don't think you need choice's magazines pick of the month either...

Why not focus on the linksys solution, then remote desktop to the SBS server which will allow you to connect to any workstation from it (SBS feature).

That way you don't need RAS access on the server..
0
 
LVL 10

Assisted Solution

by:Dextertronic
Dextertronic earned 200 total points
ID: 24408363
Make sure that the VPN tunnel is disabled as per the first screen shot but keep the pass thru enabled as per the second screen shot.
Ity's possible that if you have the Linksys configured for an emabled tunnel (as per the first screen shot) it might interfere with other VPN's trying to pass thru.
Worth a try.
0
 

Accepted Solution

by:
jackm1 earned 0 total points
ID: 24408694
Well Guys,

The Problem is the Linksys router, I created an internal VPN and it worked per Microsoft Tech support.
He mentioned if it works to do a Firmware upgrade.
The owner wants to go with a new router so I will never know. I will divide the points accordingly.

Thanks  
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now