Firewall port configuration for VPN access? 1

[yt11313]

I have installed RRAS on win2k advanced server to provide VPN access for remote users. Everything works fine. I now need to put the server behind a firewall. What ports do I have to open on the firewall? Are there any additional special configuration to be performed on the Server or client?

Thanks

 

[Dmasch]

Open port 1723 and then port forward it to your server's Ip address which should be a private address.

 

[shawnpd40]

Are you using PPTP or L2TP? If you are using PPTP port 1723 is correct. However if you are using L2TP you will have to open an IP port 115.

Also, if you have problems with the PPTP you might have top open IP 47 for GRE. Wish I understood the GRE portion better, sometimes the port has to be open other times not...
Below is a link I reviewed but still don't really understand

http://www.gnatbox.com/Pages/text/draft-ietf-pppext-pptp-01.txt

Good Luck

 

[propag8]

147 is the protocol number for the GRE protocol, which is a subset of IP. The only instances where I've had problems with this are when a device (cheap router) does not support the GRE protocol. In that case, you have to get new hardware.

Mitch Huey
Systems Engineer