Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


I am trying to re-establish a VPN connection to my Windows SBS 2003 Server.

Posted on 2010-11-18
Medium Priority
Last Modified: 2012-05-10
Hello! I am trying to re-establish a VPN connection to a Windows Small Business Server 2003 system. The connection was functioning as expected until a UPS failure caused the system to shut down abruptly. Now when I try to establish the connection, the VPN connector hangs momentarily at "Verifying Username and Password" then I get Error 721: The remote computer did not respond.
I have verified that my firewall is open on port 1723 for the VPN as well as port 47 for the GRE packets. I have also run a netstat command to verify that the server is listening on those ports but for some reason it does not show port 47 as a listening port. Please help.
Question by:dabridge
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 77

Expert Comment

by:Rob Williams
ID: 34168161
GRE is protocol 47, not port 47. You cannot open a port for GRE you need to enable GRE pass-through which is done in different ways by different routers. Many SOHO routers it is done by enabling "PPTP-pass-through" others you forward the PPTP protocol rather than port 1723 which does both. Which router do you have maybe we can provide specifics.

As a test for the VPN basic connection, can you connect to the server from the LAN using the server's LAN IP rather than the public IP or domain name?
A 721 error is a blocked GRE issue.


Author Comment

ID: 34168346
Thank you RobWill for the comment and I apologize for the protocol vs port description in the original question. I am using SBS2003 behind a PfSense firewall which is also functioning as my router. As I look into the firewall/router settings, I have a pass-through rule for PPTP on port 1723 pointed to the LAN IP address of my server and I also have the same for GRE on port 47.
LVL 77

Accepted Solution

Rob Williams earned 2000 total points
ID: 34168471
I am afraid I am not familiar with the PfSense and cannot advise as to how to pass-through GRE but Googling shows that the PfSense can be a PPTP server (rather than the SBS). If this feature is enabled on the PfSense it will capture the GRE packets and not forward then to the SBS, thus blocking GRE. Are you sure it is not enabled?

Have you tested connecting the VPN from the LAN side?
Also from the SBS go to  and verify 1723 is open. I assume it is if you get far enough to get to a 721 error.
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?


Author Comment

ID: 34168805
RobWill.....I BOW TO YOU MY FRIEND! This was exactly the issue. I am not sure how this was changed but I appreciate all of your assistance! Thank you again! (You saved what is left of my hair!)

Author Closing Comment

ID: 34168809
I see why RobWill is in the HOF! Thank you again!
LVL 77

Expert Comment

by:Rob Williams
ID: 34168927
Thanks dabridge :-)
I suspect it was due to the UPS failure. I have seen routers reconfigure themselves or even wipe their entire configurations in a 'brownout' more so than a poweroutage, but where you didn't change anything I suspect it may be related.


Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question