PP2P using Fortigate 50B

Layer3User
Layer3User used Ask the Experts™
on
Hi Guys,

I am trying to configure a Fortigate 50GB to pass through VPN requests to a Microsoft 2003 RASS server. Any idea on the best way to do this? I am having no luck.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
jrhelgesonSolutions Architect

Commented:
Yes, you need to open up port 1723 TCP, GRE and ICMP
1723 is used to establish the tunnel.
GRE (Generic Route Encapsulation) is a protocol, it is IP protocol 47 that is used to actually tunnel the traffic.
ICMP needs to be opened up - I found that one out the hard way.  Dunno why it needs it but it wouldn't establish the connection without it.

Regards,
JRHelgeson

Author

Commented:
Ah, the ICMP might have got me. I'll try this.

Author

Commented:
Nope, that didn't seem to work.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

jrhelgesonSolutions Architect

Commented:
I recall that the way I resolved it previously was to set up a packet capture on the device, then open up IP ANY/ANY then capture the traffic.  Then you'll know exactly what protocols are being used to establish the VPN.
It could also be a firewall on the box you are connecting into. Most domain computers will block any IP traffic that originates outside its own subnet.
No solution found.

Author

Commented:
No solution found.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial