• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 609
  • Last Modified:

I am trying to re-establish a VPN connection to my Windows SBS 2003 Server.

Hello! I am trying to re-establish a VPN connection to a Windows Small Business Server 2003 system. The connection was functioning as expected until a UPS failure caused the system to shut down abruptly. Now when I try to establish the connection, the VPN connector hangs momentarily at "Verifying Username and Password" then I get Error 721: The remote computer did not respond.
I have verified that my firewall is open on port 1723 for the VPN as well as port 47 for the GRE packets. I have also run a netstat command to verify that the server is listening on those ports but for some reason it does not show port 47 as a listening port. Please help.
0
dabridge
Asked:
dabridge
  • 3
  • 3
1 Solution
 
Rob WilliamsCommented:
GRE is protocol 47, not port 47. You cannot open a port for GRE you need to enable GRE pass-through which is done in different ways by different routers. Many SOHO routers it is done by enabling "PPTP-pass-through" others you forward the PPTP protocol rather than port 1723 which does both. Which router do you have maybe we can provide specifics.

As a test for the VPN basic connection, can you connect to the server from the LAN using the server's LAN IP rather than the public IP or domain name?
A 721 error is a blocked GRE issue.


0
 
dabridgeAuthor Commented:
Thank you RobWill for the comment and I apologize for the protocol vs port description in the original question. I am using SBS2003 behind a PfSense firewall which is also functioning as my router. As I look into the firewall/router settings, I have a pass-through rule for PPTP on port 1723 pointed to the LAN IP address of my server and I also have the same for GRE on port 47.
0
 
Rob WilliamsCommented:
I am afraid I am not familiar with the PfSense and cannot advise as to how to pass-through GRE but Googling shows that the PfSense can be a PPTP server (rather than the SBS). If this feature is enabled on the PfSense it will capture the GRE packets and not forward then to the SBS, thus blocking GRE. Are you sure it is not enabled?

Have you tested connecting the VPN from the LAN side?
Also from the SBS go to  http://www.canyouseeme.org  and verify 1723 is open. I assume it is if you get far enough to get to a 721 error.
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
dabridgeAuthor Commented:
RobWill.....I BOW TO YOU MY FRIEND! This was exactly the issue. I am not sure how this was changed but I appreciate all of your assistance! Thank you again! (You saved what is left of my hair!)
0
 
dabridgeAuthor Commented:
I see why RobWill is in the HOF! Thank you again!
0
 
Rob WilliamsCommented:
Thanks dabridge :-)
I suspect it was due to the UPS failure. I have seen routers reconfigure themselves or even wipe their entire configurations in a 'brownout' more so than a poweroutage, but where you didn't change anything I suspect it may be related.
Cheers!
--Rob

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now