Setting up a VPN with Linksys Router 1

[NTesla]

I have a Linksys BEFVP41 Router. I am trying to set up a VPN so that I can access my Network though a dial up connection. However I get as fair as Verifing User Name and password, and I get a an Error 721: The remote computer is not responding.

My remote system is Windows 2000 Professional
My system I'm trying to gain access to is Windows 2000 Advanced Server

I do have a security policy set up, that I can give settings to if necessary.

The Server has RRAS, DNS, DHCP and Active Directory Installed. My user name does have remote Access.

I also post this in The Windows 2000 Professional and Server Forum's

 

[ryantech]

How many network cards do you have on the server? Also are your forwarding TCP port 1723 and GRE port 47 to the IP of the server?

 

[NTesla]

I have one NIC in the server. Yes I'm forwarding ports TCP and UDP 47,500 and 1723.

 

[onepair]

Is this connecting to a w2k AD server? Are you suppling the
right username format?

 

[NTesla]

Yes active directory is installed on the server that I 'm trying to connect too. I'm enter the right user name and password, remote access is enable. I can dial in via modem just fine.

 

[ptalindstrom]

I think i have the same problem with a couple minor differences:

- i have 2003 server running VPN server (server).
- i am trying to connect from an XP box (workstation).
- i have Linksys befw11s4-v2 router

- both server and work are on the LAN 192.168.1.x

- when i do the vpn connect from ws to server through local IP address it connects with no problem

- when i try to connect by pointing to WAN address (i.e. ext side of the router) i get 721 error after tryng to verify user/password.

I have tcp 1723 pointing to server. Don't understand what it means to have gre protocol 47 enabled. I have read about 6 different meanings from this. Not much on router that sound like anything like this but to be safe i have pointing to server ip:

- 1723 tcp
- 47 tcp/udp
- 500 tcp/udp
- and port triggering set for trigger port 47 to incoming port 1723
- dhcp disabled (cuz i read somewhere to do this)
- pptp pass through enabled

Since i can do vpn if i miss the router i am pretty sure that this is a simple router issue - just no idea what it would be.

peter...

 

[Ptrif]

I am having the exact same problem stated above, does anyone have any suggestions on a fix?

any help is appreciated!!

Paul

 

[NTesla]

I have not gotten a solution to it yet. But I would really like too!! I just formated my server harddrive and would like to burn an image of it to DVD and would like to have this problem fixed

 

[Ptrif]

I have fixed the problem with this. All i did to resolve the problem was to upgrade the firmware on on the linksys router and then as per linksys, change the routers address to 192.168.254.1.

Also i would just like to add, even after i used the above procedures, i spent hours still trying different things and it would not work for anything. However i was trying to VPN in from a system that was already on the network, so i had a friend from outside of my network try and VPN in and it worked like a charm......

hope this helps as i know how frustrating the past few sleepless nights have been for me.

Paul

 

[TerryMc]

I have the same problem. I have the latest firmware on the router. I really don't want to change the router to 192.168.254.1 , this really means I need to change the entire network scheme right?

I have read somewhere that older firmwares will work but I have not confirmed this. I have the hardware VPN BEFVP 41 to BEFVP 41 working great, seem odd that I can't pass VPN through the router.



Terry

 

[vqly]

I stumpled on a fix that worked for me, not sure if it'll help you guys.

Got the same error as everybody using W2k Pro attempting to VPN to a Win2k Advanced Server.

Error 721: remote computer not responding.

This was weird because it was working fine the previously day, before I rebooted my laptop.

I then used "Remote Desktop Connection" to connect to the same computer via Terminal Service, that worked, so I logged off.

When I tried VPN again, it worked!

I don't know why this is.

 

[rockgeneral]

I am not sure if this will help anyone, but I have recently set up a similiar VPN for one of my clients that "forced" me to learn alittle more than I would have liked about VPN settings LOL. In most of the literature that I have read when connecting to sites via a VPN or a remote user to a network with a VPN, both nodes must be on different IP networks, for instance:

If the Office Network is addressed 192.168.1.X Subnet 255.255.255.0 and the other site or remote user is addressed 192.168.1.X Subnet 255.255.255.0 this will not work.

However, if your Office Network is addressed 192.168.1.X Subnet 255.255.255.0 and the other site or remote user is addressed 192.168.0.X Subnet 255.255.255.0 the VPN connection will work because both end points are on seperate networks.

In the case of a configuration where you are connecting an office to another office via two (2) hardware VPN's I believe this is true 100% of the time, with no way of working around it. However if you are connecting a remote user to a VPN device via a Software VPN client you may be able to get around changing the IP of your client computer by using the Virtual IP setup that is available in most VPN Software Clients. I have used this feature with SSH Sentinel and SoftRemote VPN products with some success.

Again if this is not applicable I apologize for my long winded post.

Regards,

M. George
Rockgeneral Systems, LLC.

 

[NTesla]

I have made all the requimented chances and still cannot get connected. What encryption and authentication settings should be set on the Server, notebook and on the router?

 

[tomaz9x]

I have the same problem. It started after I upgraded firmware from 1.40.3 to 1.41.1. It worked before.

How could I downgare firmware?

Tomaz

 

[eLinux]

I am having this issue and I believe the problem is quite simple.

Linksys routers only allow ONE VPN tunnel at a time. Therefore, if you're using an outbound VPN tunnel to therefore turn it around and connect (i.e., an inbound VPN tunnel), the Linksys router is going to reject the second (incomming) connection.

I really think this is the problem...it would explain the person above who posted and stated that his friend connected fine.

Hope this helps!

 

[tomaz9x]

Yesterday I downgraded firmware to 1.40.3f and it works again. Something if wrong with firmware 1.41.1

Regards

Tomaz

 

[eLinux]

It let you connect two computers inside your network through VPN while going outside of your network for the tunnel?

That's interesting...I'm pretty sure the Linksys only supports one tunnel.

 

[NTesla]

I just got off the phone with linksys tech support. Their must be an issue with firmware version 1.41.1, because tech support is e-mailing me firmware 1.40.3. I also asked how many tunnels this router can support at one time, their answer was 70.

Thanks for the help

 

[NTesla]

I have also down graded my firmware, and know I'm getting through. I am too using 1.40.3 now. i have left everything as it was.

 

[MaxPipeline]

FYI, IP protocol 47 is GRE and not TCP/UDP. TCP/UDP 47 is for a protocol called ni-ftp (not sure exactly what that is). Most routers have whats called PPTP pass-through. This is what enables the passing of IP protocol 47. You still need to forward TCP 1723, but you do not need to configure port mapping of TCP/UDP 47.

Likewise with IPSec passthrough. works similarly except it passes IP protocol 50 and 51 IIRC.