VPN Alternative

Posted on 2009-05-14
Last Modified: 2012-05-07
Here is my problem! I have set up a VPN many times in SBS 2003. This  client is using a Linksys BEFSX41 Router, and when I try to connect  with the VPN client. I can't connect, but when I look at the Event logs, on the Server, I get Event code 20209. Which also says this Router might not accept GRC packets. Has anybody worked with this router before? or do you know of a easy free VPN client that I can use. I cannot use Hamachi, it does not give access to the local network address scheme.
Question by:jackm1
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 2
  • +2
LVL 23

Assisted Solution

debuggerau earned 100 total points
ID: 24391818

Author Comment

ID: 24391938
Will this give me access to the internal ip scheme?
Are there any others?
LVL 10

Expert Comment

ID: 24391940
Are you trying to establish a vpn from an external client  to the Linksys router or are you trying to pass through the router and connect a VPN to the SBS server?
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 24391952
Not the Router,just  a Server VPN connection.
LVL 10

Expert Comment

ID: 24391961
have you done this step yet on the router?

To allow PPTP traffic, configure the network firewall to open TCP port 1723 and to forward IP protocol 47 for Generic Routing Encapsulation (GRE) traffic to the VPN server. Some firewalls refer to IP protocol 47 as VPN or PPTP pass-through.

Author Comment

ID: 24391995
I do not see an option for protocol 47 (GRE) in the Linksys BEFSX41 Router. All I see is port forwarding and the Linksys VPN setup option. Here is  a snapshot.

Author Comment

ID: 24392015
Here is the Pass Through.
LVL 10

Expert Comment

ID: 24392218
I'm a bit confused.

Is that you have an SBS server behind the linksys firewall and you have external clients connecting a client vpn to the SBS box


Is this linksys router remote and you are connecting a site to site to the SBS box?

Expert Comment

ID: 24393132
Yes, please clarify the network topology. Is the router on the remote network or on the server network? Are you using a server with 2 nics and also using the server as firewall/ICA?
As a start, please ensure you are running the most recent firmware on the linksys router.
I am assuming that you are using RRAS on SBS 2003 and that you are using the built-in PPTP based VPN client on the remote PC.
If the linksys router is at the remote network, this configuration should be correct to allow PPTP to pass through the router to the destination gateway.
If the linksys router is at the server network, and the server is using a single nic (you do not have ICA configured on the server), then you need to use port forwarding rules forward TCP port 1723 to the internal server IP as well as GRE (IP protocol 47).
In either case, I would not try to use the router's VPN tunnel configuration - that is meant for connection to another firewall directly to establish a site-to-site VPN where all the PC's at onle location can connect to all network resources at another location. If this is what you want to accomplish, then I would recommend you use firewall/router equipment from the same manufacturer at each location to configure the tunnel between them rather than try to get them to talk to the SBS directly.
If you are using this linksys router at the server network, be aware that consumer level router/firewall products such as this one often have problems supporting simultaneous VPN tunnel passthrough - the second connection can kick disconnect the first one or simply fail to connect - and may require frequent power-cycles to resolve connection issues.
Personally, I prefer to use separate hardware firewalls that support VPN client termination to the firewall rather than pass through to the server Watchguard and Sonicwall both have low-end models that do this quite well. Netgear's prosafe line supports it also, but you have to license the client software separately. All of them support forwarding of multiple pptp and IPSec VPN tunnels to the server as well. I also never use ICA and it is worth noting that MS abandoned it on 2008 SBS in favor of separate hardware firewalls.
LVL 21

Assisted Solution

suppsaws earned 200 total points
ID: 24394204
Hello jackm1,

just update the firmware of the linksys to begin with, make sure port 1723 and GRE 47 is forwarded to the SBS server.
if it doesn't work, change the router.
Also make sure you ran the 'remote access wizard'.



Author Comment

ID: 24395152

Sorry for the confusion. I am not using the VPN on the Linksys router. I was just trying to show that there is no place to put GRE 47  and that PPTP is enabled.

suppsaws, is  right about the firmware update, but this client is not local. I cant do a firmware upgrade and  possibly  shutting down the router.

Microsoft came in remotely and said everything is setup correctly. It is a Firewall issue.
LVL 23

Expert Comment

ID: 24408251
yes well, you have the SBS server to act as a VPN server, but also the linksys router...

There are many others, but I don't think you need choice's magazines pick of the month either...

Why not focus on the linksys solution, then remote desktop to the SBS server which will allow you to connect to any workstation from it (SBS feature).

That way you don't need RAS access on the server..
LVL 10

Assisted Solution

Dextertronic earned 200 total points
ID: 24408363
Make sure that the VPN tunnel is disabled as per the first screen shot but keep the pass thru enabled as per the second screen shot.
Ity's possible that if you have the Linksys configured for an emabled tunnel (as per the first screen shot) it might interfere with other VPN's trying to pass thru.
Worth a try.

Accepted Solution

jackm1 earned 0 total points
ID: 24408694
Well Guys,

The Problem is the Linksys router, I created an internal VPN and it worked per Microsoft Tech support.
He mentioned if it works to do a Firmware upgrade.
The owner wants to go with a new router so I will never know. I will divide the points accordingly.


Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question