Solved

PP2P using Fortigate 50B

Posted on 2011-09-29
6
533 Views
Last Modified: 2012-05-12
Hi Guys,

I am trying to configure a Fortigate 50GB to pass through VPN requests to a Microsoft 2003 RASS server. Any idea on the best way to do this? I am having no luck.
0
Comment
Question by:Layer3User
  • 4
  • 2
6 Comments
 
LVL 15

Expert Comment

by:jrhelgeson
ID: 36858077
Yes, you need to open up port 1723 TCP, GRE and ICMP
1723 is used to establish the tunnel.
GRE (Generic Route Encapsulation) is a protocol, it is IP protocol 47 that is used to actually tunnel the traffic.
ICMP needs to be opened up - I found that one out the hard way.  Dunno why it needs it but it wouldn't establish the connection without it.

Regards,
JRHelgeson
0
 

Author Comment

by:Layer3User
ID: 36860468
Ah, the ICMP might have got me. I'll try this.
0
 

Author Comment

by:Layer3User
ID: 36900252
Nope, that didn't seem to work.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 15

Expert Comment

by:jrhelgeson
ID: 36901303
I recall that the way I resolved it previously was to set up a packet capture on the device, then open up IP ANY/ANY then capture the traffic.  Then you'll know exactly what protocols are being used to establish the VPN.
It could also be a firewall on the box you are connecting into. Most domain computers will block any IP traffic that originates outside its own subnet.
0
 

Accepted Solution

by:
Layer3User earned 0 total points
ID: 37118064
No solution found.
0
 

Author Closing Comment

by:Layer3User
ID: 37136773
No solution found.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question