as usual after hours and days of banging my head, i've turned to the experts.
my sbs 2008 setup is running smoothly (knock on wood)
office router is linksys wrt54g (very common/popular router). vpn is enabled, as is ipsec on the router. forwarding ports 1723, 1701, 3389, 443, etc. to the server
i had a non-domain computer plugged into the lan, and the vpn seemed to connect (even though the test machine was not on the domain). tried that with a domain notebook that i unplugged and used a different ssid, and still had no joy.
my home machine is the same notebook (previously, with xp pro, it connected via vpn to my previously sbs 2003 now sbs 2008 server)
i have made sure the user account has vpn permissions, and have run the vpn wizard repeatedly at the office. port query shows 1723 is listening (but not 1701). i have no way to "force" a protocol 47 allowance at the server level (i've read all about gre). i have enabled 1723 pass through via the firewall, have enabled 1701, and for 1723 allowed all possible protocols for my firewall (tcp, udp, and 2 more that i don't recall/not familiar with - imgp or similar)
at home, my router is a dlink 655 which is also a popular and powerful router. i have enabled all the vpn settings on that one as well (and in fact, that one i can enable protocol 47, which i have though i think it's irrelvant on that front)
ISP on both ends is optimum (cablevision). i believe they do NOT block vpn.
i have thought about trying my old matching linksys wrt54g router at home - i do not believe i every had success with the dlink even when the server was sbs 2003 (but then, i had tons of server issues)
i know microsoft recommends rww which does work flawlessly, but i wanted vpn as a poor man's off-site backup for my documents, along with some other network access that would be very unwieldly with rww
any help would be very appreciated!