SBS 2011 VPN issue

Hello,

 I have a SBS 2011 server, on which I configured the VPN via the console.  When I try to connect to the server, I receive the error - see the attached file. I forwarded 1723 port to the SBS, and no luck. The user is in VPN group.

Any ideas how to troubleshoot that?

The SBS is behind a Vingor 2920, to which I have connected a BT Hub.
goliveukAsked:
Who is Participating?
 
David AtkinConnect With a Mentor Technical DirectorCommented:
I would probably pin this on the BT Router (Or at least start trouble shooting from there).

From researching it looks like others have also had issues with VPN's on the BT Routers.  

Any reason why you are using the BT Router and not direct to the Draytek?

The Draytek should auto forward the VPN Protocol (GRE 47) when doing a port mapping looking at this:
http://www.draytek.co.uk/archive/kb_vigor_passthrough.html
0
 
David AtkinTechnical DirectorCommented:
Hello,

Have you forwarded the ports on both the Draytek and the BT Hub?

Make sure that the Draytek VPN Settings are disabled.  This has caused me issues previously.
0
 
goliveukAuthor Commented:
I forwarded 1723 from the BTHub to the Draytek, and from the Draytek to the SBS. canyouseeme.org show 1723 as opened :)
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
David AtkinTechnical DirectorCommented:
Did you check that the Draytek VPN Settings where disabled in:

VPN and Remote Access> Remote Access Control.

All the options want to be unticked.
0
 
goliveukAuthor Commented:
All of them unticked.
0
 
David AtkinTechnical DirectorCommented:
Can you upload the file attachment?  It didn't upload originally
0
 
goliveukAuthor Commented:
Uuups, Here it is :)
sbs-vpn.png
0
 
David AtkinTechnical DirectorCommented:
I've done a port test on 1723 to the location in your screenshot.  It shows it as closed.

Can you create the VPN to the IP Address instead of the name?
0
 
goliveukAuthor Commented:
0
 
David AtkinTechnical DirectorCommented:
Your remote.oppco.co.uk record is currently pointing to:
86.182.224.134

Can you try creating the VPN connection using the IP address rather than the name.
0
 
goliveukAuthor Commented:
Yep, I tried directly to the IP, and it is the same.

P.S. I will fix the record later.
0
 
David AtkinTechnical DirectorCommented:
No problem, just making sure we are on the same page (Y).

Can you log in using the Administrator credentials?

If possible, can you post a screen shot of the port rules in the BT Hub and Draytek - Sorry to be a pain!
0
 
goliveukAuthor Commented:
Here both of them
Draytek.png
BTHub.png
0
 
David AtkinTechnical DirectorCommented:
Does your OWA port mapping work?

Any particular reason why you're using the BT Router still and not the DrayTek direct?

Do you get any errors in the event logs relating the VPN Connection or does nothing show?
0
 
goliveukAuthor Commented:
OWA works like a charm.

Here is what I got just now:

A connection between the VPN server and the VPN client <ip adress> has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47).
0
 
Olaf De CeusterCommented:
You need to allow GRE on the router.
(Or PPTP pass through as it is sometimes called).
Check your routers documentation.
Hope that helps,
Olaf
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.