first time VPN setup

[ttechie]

Im new to the VPN game so i have a couple of questions

Our company's current set up is a cisco 1720 router pefroming NAT. behind the router we will be placing our VPN server running on windows 2003 (it will also be our Active directory,DNS, and DHCP server, which isnt best practice, iknow but thats how it is going to be reguardless of what i say). I configured windows 2003 to accept VPN connection in the RAS settings (we only really need to get one person from his house to connect to our network) Will all i have to do is allow the router to permit packets coming into it on its external interface to establish a VPN connection? (ports 47 and 1723)

thanks for any help you can give.

 

[blacknightx]

im new at this, so ill tell you what i know:
definately allow port 1723
im not sure about 47 but probably
if youre using nat on your router dont forget to forward those ports to the vpn server

 

[blacknightx]

its me again - i think that "47" is the protocol number for gre not the port number. if youre router allows you to "allow pptp passthough" thats what you want to enable.

 

[JOAMON]

Did You Know......
You can do this an easier way.....the Cisco 1720 can be configured as a VPN server and also allow split tunneling for remote clients. The VPN client software is unlimited use so long as the client software is only used to connect to Cisco devices. Will need smartnet to be able to download the client software form Cisco. See the following link. This would be far better than extending your server to the internet for VPN clients.

http://www.cisco.com/en/US/netsol/n...g_solutions_white_paper09186a0080186fcf.shtml

 

[ttechie]

thanks for the info on the cisco site. but for now, we do have the remote user being able to connect. Once i had the router forward the PPTP and protocol 50 packets to the VPN server, everything, connectionwise, worked. heres the next problem though. the remote user can connect and access the shared drives that reside on the VPN server (, but cannot access any other shared drives on our other file server. ie: mapping R: to \\server\sharedDrive where "server is the vpn server" but cannot do \\server2\sharedDrive where "server2" is the other file server).

is there something i have to set in the Remote Access Server settings in the wind2k3 vpn server? since the server is behind our router and only has one nic, do i have to route the virtual nic created for the vpn connection to the physical nic?

 

[JOAMON]

Not really sure on that...hopefully someone will skeak up on that issue. I only use the Cisco VPN product...do not like exposing any Microsoft product directly to the Internet.

 

[ROUTERKID1]

ttechie make sure File and PRinter sharing is installed and you may need Netbui installed on the clients.

 

[blacknightx]

i was having a similar issue - users could connect to the vpn server but couldnt see ANY network resources, even the shared files on the file server (which is the same box as the vpn server)
i posted in a dozen different forums - no replies

 

[JOAMON]

Try this....
First ping the IP address of the server....
If sucessful then
Click start and run
enter
\\server_ip_address\shared_folder_name

See what that gets you.

 

[ballaniang]

Hi amigo,
I have the same trouble about vpn and shared folder.
I can ping my server but I cannot access the shared folders.
\\server_ip\shared give "anny application for your network path"
But I 'm sure it netbios trouble.
How to force the server PPtP interface to enable netbios ?
Or otherwhise how to install netbui on win 2003 ?
This is your solutions
Please help me

ballaniang