VPN and Routers and Cable Modems.. Oh My 1

[sameagle]

Hey All,

Little help please

Setting up VPN in the following fashion.
WindowsXP(Client)->Router(Netgear RP114)->Cable Modem->Internet->Cable Modem->Router(Netgear MR314)->WindowsXP(Host)

Setup the VPN network connection on the client side and the host VPN connection on the host side. Also forwarded port 1723 on the host router.

What else do i need to do?

It verifies username and password and attempts to register the client PC and register network protocol connections and whammo.. we get

"TCP/IP CP reported error 733"

Please help quickly

 

[John Lewis]

Protocol 47/GRE needs to pass through the routers / firewalls, assuming you are using pptp as would be indicated by port 1723. Not sure how to do it on your equipment, look for pptp pass through if nothing else.

 

[sameagle]

how do u enable that protocol?

 

[sameagle]

thanks for the help.. I think i understand.. but where is ip filtering in XP to do this?

 

[John Lewis]

If you set up XP to accept tcp on 1723, you should be fine. GRE/47 should fly without any other changes.

 

[MattWray]

I found this with a Google search. "TCP/IP reported error 733:Your computer and the remote computer could not agree on PPP control protocols."
Have you verifed both sides are either PPTP or L2TP?
Thanks,

Matt Wray

http://www.netcomtec.com

http://www.total-tec.com

 

[sameagle]

OK, got rid of the error and connected by assigning an IP address on the host side. Didnt know i needed to do that manually.. but it made sense so i tried it.. Now it shows me as connected, but no workgroup or computer. How do i actaully view the host side? When i view my ip settings, i see the VPN settings under PPP with the IP i assigned... but nothing with the network on the host side.. i just cant find it from the client side... what am i missing guys.. how do i view the host side ??? what am i missing guys.. thanks all

 

[John Lewis]

Well, your most of the way there!

First, make sure that you can get data through the tunnel. Try pinging the VPN ip both ways. If it doesn't work, report back the specific error.

Make sure that you have M$ client and server installed on both the VPN connection on both sides. Also, make sure that you have at least one resource shared on each side. Both computers need to use the same workgroup name. You can adjust that (remove shares or services) after everything is working, but it is easier to get started that way.

Try to search for the remote computer, right click on Network Neighborhood, search for computer. Use the computer name first, if that doesn't work, try the ip address - remember to use the VPN address instead of the LAN address.

Post back your results and we'll go from there. If you don't understand any of the instructions, post back and I'll slow down a bit.

 

[sameagle]

ok, ping works fine from both sides.. when you are talking about the VPN IP.. do u mean the WAN IP ?.. There is a WAN IP address that we have to use on the router because it sets the local IP on the PC. So when you say search for the computer name i dont know what you mean.. its a wan ip for a router.. right?

Also,
im really new to this ... can u explain this paragraph better
Make sure that you have M$ client and server installed on both the VPN connection on both sides. Also, make sure that you have at least one resource shared on each side. Both computers need to use the same workgroup name. You can adjust that (remove shares or services) after everything is working, but it is easier to get started that way.
What is M$ ? Do i install it to each connection on both sides?

We have the pcs on both sides setup on the same workgroup.. but neither one of us can see the other when connected..

Thanks so much for the help

 

[sameagle]

update... i did a seach and one of the computers comes up under Web Client Network... but i cannot explore it or look at its properties.. despite it being shared to the network.. just some more info for you.. Thanks again

 

[John Lewis]

Let's start with the client/server service. Click Start --> Control Panel --> Network and Internet Connections --> Network Connections --> Right-click the VPN connection --> Properties. Click the Networking tab. Make sure that File and Printer Sharing for Microsoft Networks is in the list of components for the connection. If File and Printer Sharing for Microsoft Networks is not in the list of components for the connection: Click Install --> select the Service check box --> click Add. In the Manufacturers box click Microsoft. In the Network Services box, click File and printer sharing for Microsoft Networks, and then click OK. In the list of components for the connection, make sure that File and Printer Sharing for Microsoft Networks is selected (check box is marked). Click on the TCP/IP protocol, then click Properties --> Advanced. Click on the 'WINS' tab and make sure that the 'Enable LMHOSTS lookup' is checked. Click OK on each form until you get back to the VPN properties main page. While you have the properties open, there is a box somewhere that says 'Show icon in taskbar when connected' (or something like that). Should be on the 'General' tab (I think). I don't have a XP box in front of me right now, so the location/label may vary slightly. Anyway, if you can find it, make sure that it is selected. Click Close or click OK.

Next, make sure that the share(s) you set up are network shares and not local shares. Make sure that the account (user) you are using on the client machine exists on the server and is using the same password -- the fact that you are connecting means that you are probably ok there.

Fire up the VPN. You should have an icon on your task bar. Right click on it and select 'Status'. Click on the 'Details' tab. There should be two addresses, client and server. These are the VPN addresses I wanted you to ping/search for. Not so much concerned about that now, if you were able to see the other computer by doing 'Search for Computer', but you will need the addresses for the next step.

Take a breath, we're almost there. Click Start --> Search for Files. In the 'Files or folders named' box, enter 'lmhosts.sam' and start the search. When the file is found, right click on it and select 'Open containing folder'. Right click on a blank space inside the folder and select New --> text document. You should get a new icon, and the filename should be highlighted. Type 'lmhosts' -- no '.txt' or anything like that the name. Press enter to save, and the icon should change to resemble the other files in that folder. Right click on the new file and select Open With --> Notepad (or Wordpad).

At this point, you should have Notepad (or Wordpad) open with a blank document named 'lmhosts'. You need two lines, should look like this:

xxx.xxx.xxx.xxx ServerName #PRE
xxx.xxx.xxx.xxx ClientName #PRE

Replace the xxx.xxx.xxx.xxx with your VPN ip's and the Server/ClientName with the name of the appropriate computer. Type the '#PRE' exactly as shown -- capital letters, no spaces. It doesn't matter how much space is between the items on each line - I usually use tabs to make everything line up real nice, but it doesn't have to. Click File --> Save, then close Notepad.

Open a command window. (Start --> Command Prompt I think). Type 'nbtstat -R' and press enter. Has to be capital R, rest doesn't matter. Report anything other than a message indicating Successful. Type 'nbtstat -c' and press enter. Lowercase c this time. Should have three lines for each of the lines in your lmhosts file (total of 6). Report anything different.

If all looks well so far, try NetNhood again and see what happens.

Long list, but I think this will get you there. If something doesn't look right, or if you need more explaination, post back. Of course, let me know if it works, too.

Good luck!

 

[sameagle]

the addresses listed are 192.168.0.19 Server and 192.168.0.20 Client. Of course i can ping the client from the client.. but it times out when pinging the first ip.

Let me give you a little more info. I was getting a "TCP/IP CP reported error 733" error message everytime i tried to connect.. so on the host side i set the ip for the client box. At the same time i opened up port 1723 on both routers. Is this correct? Is there anything else i need to do?

Thanks again
Vince

 

[sameagle]

OK, more info as i learn here

On the Host side i have set a range for the ip addresses for both the client and server. These IP addresses are not in the same range as the actual IP address used by the NIC for the LAN.

On the client side when setting up the connection i used the WAN port ip (router id) which is a true ip.. like 68.194.xx.xx.

There are 2 PCs on the network. An XP laptop (laptopxp) and an Me Desktop (masterhp). So the ip of the laptop is 192.168.0.6 and the desktop is 192.168.0.2. When the vpn gets set the server is always 192.168.0.7 and the client is between 192.168.0.8 and 192.168.0.10. The router ip is 68.101.x.x .

Once it is connected I cannot ping the server address (192.168.0.7). Only the client. And the opposite for the host of course.. He can ping 192.168.0.7 but not 192.168.0.8.

The really wierd thing is that when i search i never find laptopxp... only masterhp??? which is wierd because the vpn host connection is setup on the XP laptop.

I still tried what you said with the lmhost file just for practice and this is what i got.

192.168.0.7 laptopxp #PRE
192.168.0.9 Count_Floyd #PRE



Command Window Results

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Vince Salvo>nbtstat -R
Successful purge and preload of the NBT Remote Cache Name Table.

C:\Documents and Settings\Vince Salvo>nbtstat -c

Local Area Connection 3:
Node IpAddress: [192.168.0.2] Scope Id: []

No names in cache

Infinet:
Node IpAddress: [192.168.0.9] Scope Id: []

No names in cache



Also, when this does work right .. what is the best way to check.. will the workgroup show up in my entire network or what? How do i best test the functionality of the connection..

Thanks again for everything

 

[John Lewis]

First, if you are able to make the VPN connect and it stays up for more than a minute or so, your firewall is fine. If you open the status box for the VPN connection, you should see data being transmitted and received. Even though you aren't really sending anythin, there is control data being passed back and forth.

You need to change your ip network addresses, for starters. That should allow you to make a connection -- ping should at least work. For a detailed explaination, see my rather lengthy and rambling post in thread463-447092 today. I would take a similar approach, your network would become 192.168.3.xxx, the VPN connection would be 192.168.4.xxx, and the other side of the connection would be 192.168.5.xxx. You can substitute any number you want for the 3, 4 and 5 between 1 and 126. Again, better (I hope) explaination in that other thread.

Something is wrong with your lmhosts file. It is in the wrong place or maybe has an extension that you can't see from Windows explorer. Open a command window. Type 'echo %SystemRoot%' and press enter. Change to the drive letter that is displayed (if your not already there). Type 'cd \%SystemRoot%\system32\drivers\etc' and press enter. Type 'dir' and press enter. You should see a list of files, including lmhosts -- no period, no extension. The lmhosts.sam file should also be there, as well as hosts -- not a big deal if they aren't as they don't do anything when using lmhosts. Would just indicate that you are in the correct directory. If you do see it there, type 'type lmhosts' and press enter. That will dump the file to your screen, make sure it looks like what you typed. Report back any problems or if you need clarifications.