Allowing VPN access through a Win2K3 Router

[lordbelial]

I have a Windows 2003 Standard server using Remote Access and Routing to route our PPPoE DSL using NAT over the network. My only problem is that one user cannot access their work VPN. I have the following ports forwarded:

500 UDP
4500 UDP
1701 UDP
1723 UDP

Even with these ports forwarded he cant connect. We used to have a Linksys router with IPSec, PPTP and L2TP passthrough enabled and he could connect without a problem. Aren't these ports the correct passthrough? Also I have turned off basic firewall.

 

[ikidd]

What router does he have on his end? Some brands, notably Linksys, had problems returning GRE (protocol 47) for dial-out PPTP users on certain flash versions. Update the router to the latest and see if that helps. The only forwarding you should need on your end is 1723 TCP. The passthrough will take care of the GRE packets if it's properly built. Note, this is not a TCP protocol on port 47 as many people get confused about, it's another protocol entirely that the router has to forward outside of the usual methods.

Check out thread181-27567 that may be related to your problem. Use pptpclnt and pptpsrv from Win2000 Support Tools to determine full connectivity on the required ports and protocols.