Windows SBS 2011 - NAT-T Traversal VPN

Posted on 2011-10-14
Last Modified: 2012-05-12
Good Afternoon,

We have recently installed an SBS 2011 domain into a building where we do not control the access to the outside world. The ISP has enabled Port 1723 to forward to our SBS 2011 server.

The problem is that after setting up Routing and Remote Access I can't dial in (using the PPTP VPN), nor actually can any machine on the domain dial out to any Windows VPN - i.e. if I wanted to connect to my home VPN.

The ISP is saying this is to do with NAT-T Traversal, is there or how do I:

a) Fix this on the RAS box allowing incoming connections
b) Tweak this to allow machines on the network to connect to other VPNs!

Many thanks

Question by:mattstannard
    LVL 56

    Expert Comment

    by:Cliff Galiher
    If you don't control the network edge then you simply can't. You need port 1723 and the GRE protocol (not port) forwarded. It sounds like the network edge is blocking GRE this PPTP inbound and outbound would fail. If they won't fix it, there is nothing you can do.


    Author Comment

    Hi Cliff,

    I'm speaking nicely to them - the GRE Protocol also applies to Windows I take it :-)

    LVL 56

    Accepted Solution

    GRE is part of the PPTP RFC, so all PPTP tunnels require it, Linux, windows, doesn't matter.


    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    Suggested Solutions

    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now