General discussion

Locked

VPN Troubles

By wblarkin ·
I am having (ALOT) of trouble setting up a VPN using NT4.0 Server / Win 98 Clients. I am hoping that there might be someone who can shed some light on the subject. I have downloaded every document I can find on the subject, but still have no success in implementation. First I have a small LAN with the NT server which is connected to a broadband router with a static IP. Second, a client with a static IP also running Windows 98 SE. Both units are connected via cable modem. I can ping the router from the client side, but when trying to establish a VPN session, it rejects the attempt. Most likely I do not have port assignments setup properly, and/or authentication. Bear with me.. I'm new to VPN... I have enabled, on the router, the "visible computer" option and gave it its internal IP address, supposedly making the VPN server "visible" to the internet. I, however, cannot seem to get past the router/firewall. There are settings for TCP & UDP ports, which the only one I have enabled is TCP port 1723. I'm sure there are more, can anyone help here? Also, on the remote side; How do I connect to a specific port #, or does the VPN client know what to do? Thanks for your answers in advance..

Bill

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

VPN Troubles

by Stillatit In reply to VPN Troubles

On your LAN side, is your broadband router doing NAT (Network Address Translation), or did you buy multiple static IP's from the cable company, and the router is passing these through?

If your router is doing NAT, you need the router to route all traffic from the outside which addresses port 1723 to your NT box. In either case, you need to not block port 1723 in either direction from/to your NT box.

In setting up your connection parameters, start with turning all encryption off, including encrypted passwords. Do this at both ends. This eliminates encryption mismatch as a problem while you are setting up. Once it works with no encryption, set the appropriate encryption options on both sides and re-test.

Don't worry about port numbers on the remote side, this is typically invisible to the user, and is done automagically. If you have a firewall on the remote side, you need to enable port 1723 both in and out.

If this does not solve the problem, it will be very useful to knowwhich error messages you are getting when you try to connect.

Good luck.

Collapse -

VPN Troubles

by wblarkin In reply to VPN Troubles

Thanks for your comments...

Collapse -

VPN Troubles

by Kevin Anderson In reply to VPN Troubles

You also need to allow Protocol 47.

Note that it is PROTOCOL 47, not port 47.

As you already know, port 1723 is for the PPTP control connection you should see protocol 6 travelling over it.

Kev.

Collapse -

VPN Troubles

by wblarkin In reply to VPN Troubles

Thanks for your comments..

Collapse -

VPN Troubles

by burcjo In reply to VPN Troubles

You are on the right track with the TCP 1723 and the UDP ports... most likely the broadband provider has installed your local router with UDP blocked. (I've installed several and that's been the case every time).

The VPN Client knows what ports to use all on it's own.

We have several different VPN scenarios on our network and would be glad to assist if I can.

John Burchell
Network Manager
Green Mountain Energy Company

Collapse -

VPN Troubles

by wblarkin In reply to VPN Troubles

Thanks for your comments...

Collapse -

VPN Troubles

by shmaltz In reply to VPN Troubles

Just my 2 cents: to test if you can connect to the server thru port 1723 do the following command from a command prompt:
telnet x.x.x.x 1723
Where x.x.x.x is the IP address of the VPN server.
If you dont get an error it means you can connect to 1723.
On my firewall the only port I opened was 1723 and it worked.

Collapse -

VPN Troubles

by wblarkin In reply to VPN Troubles

Thanks for your comments...

Collapse -

VPN Troubles

by wblarkin In reply to VPN Troubles

This question was closed by the author

Back to Networks Forum
9 total posts (Page 1 of 1)  

Related Discussions

Related Forums