• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 523
  • Last Modified:

client vpn to sbs 2003 gets 721 error

I checked the vpn using pptpclnt and gre is responding.  No firewall on server. Which logs do I need to look at to diagnose ?
0
HalCHub
Asked:
HalCHub
  • 10
  • 6
  • 5
1 Solution
 
Alan HardistyCo-OwnerCommented:
Is TCP Port 1723 open inbound too?
0
 
Alan HardistyCo-OwnerCommented:
What router / firewall do you have and does it allow PPTP to passthru?
0
 
HalCHubAuthor Commented:
yes its getting to the server since pptpclnt responds with out issue
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Alan HardistyCo-OwnerCommented:
Okay - is the Routing and Remote Access Server Service running on the server?

If you go to www.canyouseeme.org on the serrver and test port 1723 - do you see success?

Can you run the following from a command prompt please:

netstat -anbp tcp >c:netstat.txt

Thent upload netstat.txt please for me to look over.

Thanks

Alan
0
 
HalCHubAuthor Commented:
can you see me works fine netstat.txt netstat.txt
0
 
Alan HardistyCo-OwnerCommented:
Not seeing the port 1723 in use and listening on your server.

Are you sure Routing and Remote Access is started and configured correctly and using port 1723?
0
 
HalCHubAuthor Commented:
I do see in my wan miniport(pptp) I have 2 devices the second one is Wan miniport(pptp) #2 and it is the active one with 20 possible connections..

Wan Miniport (pptp) device instance root\ms_pptpminiport\000

Wan Miniport (pptp) #2 device instance root\net\000

0
 
Alan HardistyCo-OwnerCommented:
Until you see System using port 1723 on your server when you run the netstat command I posted earlier, then it won't work.

Please disable RRAS and then configure it again choosing other from the first menu and then VPN from the second menu.

Thanks

Alan
0
 
Rob WilliamsCommented:
You are better to use the SBS wizard to create the VPN. Before doing so disable RRAS from the RRAS console. If you have 2 NIC's you will also have to run the connect to the Internet wizard. an outline of the SBS configuration method can be found here:
http://www.lan-2-wan.com/SBS-VPN-instr.htm

Once you have re-run the VPN wizard try connecting to the LAN IP of the SBS from the local network. This will verify if the server is properly configured. You can then worry about external routing.

In your topic areas you list IPSec. There is no IPSec involvement with the PPTP VPN, have you tried to configure IPSec in any way?
0
 
HalCHubAuthor Commented:
I select custom and only select vpn.  I have a rouge miniport and I dont know how to clear it out.
0
 
HalCHubAuthor Commented:
canyousee me worksfine and finds the server so do pptpclnt.  I need to find out how to remove all wan miniport and add them back.  I know how to you devcon to install can I use it to do a remove ?
0
 
Rob WilliamsCommented:
If you are referring to the WAN Miniports in the RRAS console, just right click in the white space and choose properties | select the item you want to edit | set the maximum ports to 0 | and save. To recreate use the same procedure and set the # of ports. The default with SBS is 5 and Server std is 128. Choose whatever you like so long as you have 2 or more PPTP ports.. However I don't see how this is related to your problem. Using the SBS wizard will automatically configure this for you, as well as your DHCP scope, provide DNS options for the client | and create a downloadable "connection manager" for clients.
0
 
HalCHubAuthor Commented:
i have 2 wan miniport (pptp) then first one will not create ras ports then send one will.
0
 
Rob WilliamsCommented:
I am sorry I don't understand what you are saying.
Can you post a screen shot of the ports?
I would recommend enabling more than 2, in case you have multiple users and they are also sometimes not released right away.
0
 
HalCHubAuthor Commented:
well my server took a dump today with a 1033 error and when it came back up it fixed itself.

I now have only 1 miniport (pptp) and my vpn is working fine.. thank you for your time

0
 
Rob WilliamsCommented:
With only 1 Miniport (PPTP) you can only have 1 VPN connection at a time. The default with SBS is 5.
0
 
HalCHubAuthor Commented:
I fixed it.. problem was l2tp where missing
0
 
Rob WilliamsCommented:
Interesting, the SBS VPN doesn't use L2TP, and thus does not need an L2TP port to work. GRE uses PPTP.
0
 
HalCHubAuthor Commented:
I know but when I added those ports everthing worked fine.. it was very strange..
0
 
Rob WilliamsCommented:
For those that follow I seriously doubt this was the actual solution, there must be something else at play or triggered at the same time.
0
 
HalCHubAuthor Commented:
server fixed itself
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 10
  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now