HalCHub
asked on
client vpn to sbs 2003 gets 721 error
I checked the vpn using pptpclnt and gre is responding. No firewall on server. Which logs do I need to look at to diagnose ?
Is TCP Port 1723 open inbound too?
What router / firewall do you have and does it allow PPTP to passthru?
ASKER
yes its getting to the server since pptpclnt responds with out issue
Okay - is the Routing and Remote Access Server Service running on the server?
If you go to www.canyouseeme.org on the serrver and test port 1723 - do you see success?
Can you run the following from a command prompt please:
netstat -anbp tcp >c:netstat.txt
Thent upload netstat.txt please for me to look over.
Thanks
Alan
If you go to www.canyouseeme.org on the serrver and test port 1723 - do you see success?
Can you run the following from a command prompt please:
netstat -anbp tcp >c:netstat.txt
Thent upload netstat.txt please for me to look over.
Thanks
Alan
ASKER
can you see me works fine netstat.txt netstat.txt
Not seeing the port 1723 in use and listening on your server.
Are you sure Routing and Remote Access is started and configured correctly and using port 1723?
Are you sure Routing and Remote Access is started and configured correctly and using port 1723?
ASKER
I do see in my wan miniport(pptp) I have 2 devices the second one is Wan miniport(pptp) #2 and it is the active one with 20 possible connections..
Wan Miniport (pptp) device instance root\ms_pptpminiport\000
Wan Miniport (pptp) #2 device instance root\net\000
Wan Miniport (pptp) device instance root\ms_pptpminiport\000
Wan Miniport (pptp) #2 device instance root\net\000
Until you see System using port 1723 on your server when you run the netstat command I posted earlier, then it won't work.
Please disable RRAS and then configure it again choosing other from the first menu and then VPN from the second menu.
Thanks
Alan
Please disable RRAS and then configure it again choosing other from the first menu and then VPN from the second menu.
Thanks
Alan
You are better to use the SBS wizard to create the VPN. Before doing so disable RRAS from the RRAS console. If you have 2 NIC's you will also have to run the connect to the Internet wizard. an outline of the SBS configuration method can be found here:
http://www.lan-2-wan.com/SBS-VPN-instr.htm
Once you have re-run the VPN wizard try connecting to the LAN IP of the SBS from the local network. This will verify if the server is properly configured. You can then worry about external routing.
In your topic areas you list IPSec. There is no IPSec involvement with the PPTP VPN, have you tried to configure IPSec in any way?
http://www.lan-2-wan.com/SBS-VPN-instr.htm
Once you have re-run the VPN wizard try connecting to the LAN IP of the SBS from the local network. This will verify if the server is properly configured. You can then worry about external routing.
In your topic areas you list IPSec. There is no IPSec involvement with the PPTP VPN, have you tried to configure IPSec in any way?
ASKER
I select custom and only select vpn. I have a rouge miniport and I dont know how to clear it out.
ASKER
canyousee me worksfine and finds the server so do pptpclnt. I need to find out how to remove all wan miniport and add them back. I know how to you devcon to install can I use it to do a remove ?
If you are referring to the WAN Miniports in the RRAS console, just right click in the white space and choose properties | select the item you want to edit | set the maximum ports to 0 | and save. To recreate use the same procedure and set the # of ports. The default with SBS is 5 and Server std is 128. Choose whatever you like so long as you have 2 or more PPTP ports.. However I don't see how this is related to your problem. Using the SBS wizard will automatically configure this for you, as well as your DHCP scope, provide DNS options for the client | and create a downloadable "connection manager" for clients.
ASKER
i have 2 wan miniport (pptp) then first one will not create ras ports then send one will.
I am sorry I don't understand what you are saying.
Can you post a screen shot of the ports?
I would recommend enabling more than 2, in case you have multiple users and they are also sometimes not released right away.
Can you post a screen shot of the ports?
I would recommend enabling more than 2, in case you have multiple users and they are also sometimes not released right away.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
With only 1 Miniport (PPTP) you can only have 1 VPN connection at a time. The default with SBS is 5.
ASKER
I fixed it.. problem was l2tp where missing
Interesting, the SBS VPN doesn't use L2TP, and thus does not need an L2TP port to work. GRE uses PPTP.
ASKER
I know but when I added those ports everthing worked fine.. it was very strange..
For those that follow I seriously doubt this was the actual solution, there must be something else at play or triggered at the same time.
ASKER
server fixed itself