Solved

I am trying to re-establish a VPN connection to my Windows SBS 2003 Server.

Posted on 2010-11-18
6
562 Views
Last Modified: 2012-05-10
Hello! I am trying to re-establish a VPN connection to a Windows Small Business Server 2003 system. The connection was functioning as expected until a UPS failure caused the system to shut down abruptly. Now when I try to establish the connection, the VPN connector hangs momentarily at "Verifying Username and Password" then I get Error 721: The remote computer did not respond.
I have verified that my firewall is open on port 1723 for the VPN as well as port 47 for the GRE packets. I have also run a netstat command to verify that the server is listening on those ports but for some reason it does not show port 47 as a listening port. Please help.
0
Comment
Question by:dabridge
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34168161
GRE is protocol 47, not port 47. You cannot open a port for GRE you need to enable GRE pass-through which is done in different ways by different routers. Many SOHO routers it is done by enabling "PPTP-pass-through" others you forward the PPTP protocol rather than port 1723 which does both. Which router do you have maybe we can provide specifics.

As a test for the VPN basic connection, can you connect to the server from the LAN using the server's LAN IP rather than the public IP or domain name?
A 721 error is a blocked GRE issue.


0
 

Author Comment

by:dabridge
ID: 34168346
Thank you RobWill for the comment and I apologize for the protocol vs port description in the original question. I am using SBS2003 behind a PfSense firewall which is also functioning as my router. As I look into the firewall/router settings, I have a pass-through rule for PPTP on port 1723 pointed to the LAN IP address of my server and I also have the same for GRE on port 47.
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 34168471
I am afraid I am not familiar with the PfSense and cannot advise as to how to pass-through GRE but Googling shows that the PfSense can be a PPTP server (rather than the SBS). If this feature is enabled on the PfSense it will capture the GRE packets and not forward then to the SBS, thus blocking GRE. Are you sure it is not enabled?

Have you tested connecting the VPN from the LAN side?
Also from the SBS go to  http://www.canyouseeme.org  and verify 1723 is open. I assume it is if you get far enough to get to a 721 error.
0
Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

 

Author Comment

by:dabridge
ID: 34168805
RobWill.....I BOW TO YOU MY FRIEND! This was exactly the issue. I am not sure how this was changed but I appreciate all of your assistance! Thank you again! (You saved what is left of my hair!)
0
 

Author Closing Comment

by:dabridge
ID: 34168809
I see why RobWill is in the HOF! Thank you again!
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34168927
Thanks dabridge :-)
I suspect it was due to the UPS failure. I have seen routers reconfigure themselves or even wipe their entire configurations in a 'brownout' more so than a poweroutage, but where you didn't change anything I suspect it may be related.
Cheers!
--Rob

0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question