Solved

VPN Error 800 - SBS 2008

Posted on 2014-10-24
14
228 Views
Last Modified: 2014-11-14
Trying to connect machine to network so I can join to domain.

Tried connecting and received Error 800 - The remote connection was not made because the attempeted VPN tunnels fialed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPsec tunnel, the security parameters required for IPsec negotiation might not be configured properly.

Checked the Verizon router. Port 1723 is opened and forwarded to the server.

Checked the SBS Console and saw the VPN connection was turned off. Ran the "Configure a virtual private network" wizard. Received a green checkmark on the "Configure virtual private networking on the server." Received yellow warning on "Internet Router" - ports must be manually opened on the router - 1723 (which I did).

Checked canyouseeme.org for port 1723 and it failed with a connection time out.

Firewall on the server is turned off.

Not sure what I am missing.
0
Comment
Question by:SBSWIZARD
  • 7
  • 5
  • 2
14 Comments
 
LVL 35

Expert Comment

by:Kimputer
ID: 40403058
Just opening port 1723 isn't always enough since GRE protocol 47 is also needed. Sometimes it's not part of the port forwarding page, and it's described as "PPTP forwarding/tunneling enabled" on another page.
To know if it's a firewall/router issue, test the VPN locally first (use pc inside your network to connect to the server). If that's successful, it's either your router/firewall or your ISP might be interfering.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40403541
Post up the model number of your router so we can see if it supports VPN.
0
 

Author Comment

by:SBSWIZARD
ID: 40409035
@Kimputer

GRE is also added to the Port Forwarding page.

@VB ITS

It's the normal red/black Actiontec Verizon router that is supplied. Not onsite to grab the model number.
0
 
LVL 35

Assisted Solution

by:Kimputer
Kimputer earned 166 total points
ID: 40411036
Did you already check the VPN inside your LAN? (If it doesn't work, we can rule out a modem/router problem, and we can focus on other areas)
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 334 total points
ID: 40412268
Yep, create a VPN connection to your server's LAN IP address from a computer on the network as outlined by Kimputer above. If it connects OK then we know your server is configured properly to accept VPN connections, which would then point to an issue with your router.
0
 

Author Comment

by:SBSWIZARD
ID: 40414453
Ok. Must have jumped over that comment earlier. Will test later tonight. Thanks.
0
 

Author Comment

by:SBSWIZARD
ID: 40420930
Ok. I tested from a machine inside the network and was able to establish a VPN connection using the server's internal IP address.

So next step is the router. What else do I need to look for since GRE and 1723 are opened and pointing towards the internal server?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 24

Expert Comment

by:VB ITS
ID: 40420933
Are you able to get the model number of the router? That way we can have a look up the manual/specs to see if it natively supports PPTP port forwarding. You could also look at upgrading the firmware on the router as sometimes the manufacturer releases updates to address these sort of issues.

When you went to create the port forwarding rule, did you create a new rule for port 1723or did you use a pre-defined rule which is usually named PPTP or something along those lines?
0
 

Author Comment

by:SBSWIZARD
ID: 40422496
I used a pre-defined rule that set already called "VPN" that had a setting for TCP 1723 as the port.
0
 

Author Comment

by:SBSWIZARD
ID: 40423201
Model: A90-9100EM15-10
Firmware Version: 2.01.02.00
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 334 total points
ID: 40423255
Alright, looks like it's a Westell modem that's been branded by Verizon. Does it look like this? http://my.verizon.com/micro/fiosrouters/images/9100em_router.jpg

If so, go to this link and see if this firmware version applies to you: http://my.verizon.com/micro/fiosrouters/?router=9100em
0
 

Author Comment

by:SBSWIZARD
ID: 40439103
Well after updating firmware it still didnt work but then a couple days later the modem took a dive anyway. Verizon replaced it with a new Actiontek router and after configuring, I was able to get the VPN working.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40439106
My next suggestion would have been to replace the router with something else if possible. Either way glad to hear it's working now. Is the new router the same model as the old one or is it a different one?
0
 

Author Comment

by:SBSWIZARD
ID: 40442815
Different model. Thankfully.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Written by Glen Knight (demazter) as part of a series of how-to articles. Introduction One of the biggest consumers of disk space with Small Business Server 2008(SBS) is Windows Server Update Services, more affectionately known as WSUS. For t…
The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now