• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 895
  • Last Modified:

VPN Alternative

Here is my problem! I have set up a VPN many times in SBS 2003. This  client is using a Linksys BEFSX41 Router, and when I try to connect  with the VPN client. I can't connect, but when I look at the Event logs, on the Server, I get Event code 20209. Which also says this Router might not accept GRC packets. Has anybody worked with this router before? or do you know of a easy free VPN client that I can use. I cannot use Hamachi, it does not give access to the local network address scheme.
0
jackm1
Asked:
jackm1
  • 6
  • 4
  • 2
  • +2
4 Solutions
 
debuggerauCommented:
0
 
jackm1Author Commented:
Will this give me access to the internal ip scheme?
Are there any others?
0
 
DextertronicCommented:
Are you trying to establish a vpn from an external client  to the Linksys router or are you trying to pass through the router and connect a VPN to the SBS server?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
jackm1Author Commented:
Not the Router,just  a Server VPN connection.
0
 
DextertronicCommented:
have you done this step yet on the router?

To allow PPTP traffic, configure the network firewall to open TCP port 1723 and to forward IP protocol 47 for Generic Routing Encapsulation (GRE) traffic to the VPN server. Some firewalls refer to IP protocol 47 as VPN or PPTP pass-through.
0
 
jackm1Author Commented:
I do not see an option for protocol 47 (GRE) in the Linksys BEFSX41 Router. All I see is port forwarding and the Linksys VPN setup option. Here is  a snapshot.
Link.bmp
0
 
jackm1Author Commented:
Here is the Pass Through.
Link2.bmp
0
 
DextertronicCommented:
I'm a bit confused.

Is that you have an SBS server behind the linksys firewall and you have external clients connecting a client vpn to the SBS box

or

Is this linksys router remote and you are connecting a site to site to the SBS box?
0
 
HFVgallyCommented:
Yes, please clarify the network topology. Is the router on the remote network or on the server network? Are you using a server with 2 nics and also using the server as firewall/ICA?
As a start, please ensure you are running the most recent firmware on the linksys router.
I am assuming that you are using RRAS on SBS 2003 and that you are using the built-in PPTP based VPN client on the remote PC.
If the linksys router is at the remote network, this configuration should be correct to allow PPTP to pass through the router to the destination gateway.
If the linksys router is at the server network, and the server is using a single nic (you do not have ICA configured on the server), then you need to use port forwarding rules forward TCP port 1723 to the internal server IP as well as GRE (IP protocol 47).
In either case, I would not try to use the router's VPN tunnel configuration - that is meant for connection to another firewall directly to establish a site-to-site VPN where all the PC's at onle location can connect to all network resources at another location. If this is what you want to accomplish, then I would recommend you use firewall/router equipment from the same manufacturer at each location to configure the tunnel between them rather than try to get them to talk to the SBS directly.
If you are using this linksys router at the server network, be aware that consumer level router/firewall products such as this one often have problems supporting simultaneous VPN tunnel passthrough - the second connection can kick disconnect the first one or simply fail to connect - and may require frequent power-cycles to resolve connection issues.
Personally, I prefer to use separate hardware firewalls that support VPN client termination to the firewall rather than pass through to the server Watchguard and Sonicwall both have low-end models that do this quite well. Netgear's prosafe line supports it also, but you have to license the client software separately. All of them support forwarding of multiple pptp and IPSec VPN tunnels to the server as well. I also never use ICA and it is worth noting that MS abandoned it on 2008 SBS in favor of separate hardware firewalls.
0
 
suppsawsCommented:
Hello jackm1,

just update the firmware of the linksys to begin with, make sure port 1723 and GRE 47 is forwarded to the SBS server.
if it doesn't work, change the router.
Also make sure you ran the 'remote access wizard'.

Regards,

suppsaws
0
 
jackm1Author Commented:
Guys,

Sorry for the confusion. I am not using the VPN on the Linksys router. I was just trying to show that there is no place to put GRE 47  and that PPTP is enabled.

suppsaws, is  right about the firmware update, but this client is not local. I cant do a firmware upgrade and  possibly  shutting down the router.

Microsoft came in remotely and said everything is setup correctly. It is a Firewall issue.
0
 
debuggerauCommented:
yes well, you have the SBS server to act as a VPN server, but also the linksys router...

There are many others, but I don't think you need choice's magazines pick of the month either...

Why not focus on the linksys solution, then remote desktop to the SBS server which will allow you to connect to any workstation from it (SBS feature).

That way you don't need RAS access on the server..
0
 
DextertronicCommented:
Make sure that the VPN tunnel is disabled as per the first screen shot but keep the pass thru enabled as per the second screen shot.
Ity's possible that if you have the Linksys configured for an emabled tunnel (as per the first screen shot) it might interfere with other VPN's trying to pass thru.
Worth a try.
0
 
jackm1Author Commented:
Well Guys,

The Problem is the Linksys router, I created an internal VPN and it worked per Microsoft Tech support.
He mentioned if it works to do a Firmware upgrade.
The owner wants to go with a new router so I will never know. I will divide the points accordingly.

Thanks  
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 4
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now