VPN PPTP on 2003 server won't connect remotely, but will if on same LAN

Status
Not open for further replies.

markm75

IS-IT--Management
Oct 12, 2006
187
US
I recently re-did the setup in RAS of our PPTP VPN connection to our LAN.. I followed the wizard along as I had before.. chose the VPN and NAT option.. set up the DHCP relay agent..

I can connect via Vista on the same LAN just fine..

Now attempts to connect via our external DNS address just sit there and don't go anywhere; it never gets to the verifying user name and password phase..

I'm out of ideas.. I've checked that TCP 1723 is open on the router (as it was before)..

Any thoughts out there?

Thanks
 
Can you give us the error message that you are receiving? Are you sure that the port forwarding is sending the VPN traffic to the right host inside your firewall?
 
There is no error message per se on the Vista client.. other than the usual.. could not establish a connection or communicate with the remote computer etc.

I'm sure the firewall is fine, as I had it working minutes before.. (I just disabled the RAS settings and reran the setup to deal with some slow connecting (needing to redial the connection) issues)

 
Just as a sanity check: you mentioned port 1723 is open and you could connect internally; have you enabled the GRE protocol on your router as well? I'm just trying to get the obvious out of the way, since I am guilty of making this same mistake many times.
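Added example, not part of the original thread: a Python probe that sends a PPTP Start-Control-Connection-Request (RFC 2637) to TCP 1723 and parses the reply. A result code of 1 shows only that the control channel is forwarded to the right host; the tunnel data travels over GRE (IP protocol 47), which this probe does not exercise and which must be checked on the router separately. The function names and the sample reply are constructed for illustration.

```python
import socket
import struct

PPTP_MAGIC = 0x1A2B3C4D  # magic cookie defined by RFC 2637
# length, message type, magic, control type, reserved0, protocol version,
# two bytes (reserved1 in a request; result code + error code in a reply),
# framing caps, bearer caps, max channels, firmware rev, host name, vendor.
SCC_FMT = "!HHIHHHBBIIHH64s64s"  # 156 bytes in total

def build_sccrq(hostname=b"diag-client"):
    """Start-Control-Connection-Request (control message type 1)."""
    return struct.pack(SCC_FMT, 156, 1, PPTP_MAGIC, 1, 0, 0x0100, 0, 0,
                       0x3, 0x3, 0, 0, hostname, b"")

def parse_sccrp(data):
    """Validate a Start-Control-Connection-Reply and return its key fields."""
    if len(data) < 156:
        raise ValueError("short reply: %d bytes" % len(data))
    (_length, mtype, magic, ctype, _r0, version, result, error,
     _fr, _be, _ch, _fw, host, vendor) = struct.unpack(SCC_FMT, data[:156])
    if magic != PPTP_MAGIC or mtype != 1 or ctype != 2:
        raise ValueError("not a PPTP Start-Control-Connection-Reply")
    return {"version": version, "result": result, "error": error,
            "host": host.rstrip(b"\0").decode("ascii", "replace"),
            "vendor": vendor.rstrip(b"\0").decode("ascii", "replace")}

def probe(server, port=1723, timeout=5.0):
    """Connect from OUTSIDE the firewall; raises OSError if 1723 is blocked."""
    with socket.create_connection((server, port), timeout=timeout) as s:
        s.sendall(build_sccrq())
        buf = b""
        while len(buf) < 156:
            chunk = s.recv(156 - len(buf))
            if not chunk:
                break
            buf += chunk
    # result == 1 means the control channel works; if the client still hangs
    # before "verifying user name and password", GRE is the remaining suspect.
    return parse_sccrp(buf)

# Constructed sample reply (not captured from a real server).
SAMPLE_REPLY = struct.pack(SCC_FMT, 156, 1, PPTP_MAGIC, 2, 0, 0x0100, 1, 0,
                           0x3, 0x3, 0, 0, b"vpn-host", b"Example Vendor")

if __name__ == "__main__":
    print(parse_sccrp(SAMPLE_REPLY))
```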
 
I checked all the ports, added GRE though, didn't seem to help, but then I rebooted the server and it worked fine.

As a subnote/question:

I wanted to find a more secure way of connecting, as I've read that PPTP is insecure, at least during password exchange. I thought the solution was to turn on IPsec and L2TP in RAS, which I did:

but haven't had any success connecting remotely.. I thought the only thing I needed to change was checking off "allow custom ipsec policy for l2tp connection" on the Security tab when you right click the server and do properties in RAS and add a pre-shared key.

I then switched the client config to L2TP/IPsec and entered in the same password.

When it tried to connect it fails with:


"Error 789: The l2tp connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer"

Any thoughts out there?

Thanks
 
I should add that I can connect behind the firewall fine; I also have IPsec passthrough turned on as well.
 
I am also in search of an answer to the L2TP problem.....as we are also using PPTP right now but also heard it's insecure
 
Apparently, too, PPTP is nearly as secure if you secure it with EAP-TLS and an SSL certificate, which I may also consider.. but I think it requires ISA Server and RADIUS server configs(?)

 