VPN - PPTP works on Dialup, not on DSL.

[Guest_imported]

I am having a problem connecting win2k clients to a win2k VPN server.

The configuration is client -> DSL router -> Internet -> Company Router -> Company Firewall -> VPN server .

If the client uses his dial-up modem, it works fine. If i VPN from inside the company, it works fine. If the client uses his DSL, it wont work. It verifies user and password, sits there for 10-15 seconds, and then gives an error.

I have been trying to configure a router from another office to connect and i either get error 619 or 721.

I believe the only ports I need open are 47(GRE) and 1723(TCP). On my DSL router, i created input filters that allow any gre or port 1723 in.

Do i have to creat output filters as well? Is there some way i need to forward my insde ip address or something? I am stuck... Cant get it to work from my DSL or the clients...

mike

 

[nycrazyjoe]

I am missing something what does the router have to do with the client trying to connect, Are you using demand dialing Ip to Ip ? The the dsl Router is actually only a gateway to the tunnel. I think you are getting PPTP errors form the connection rather than DSL issues

 

[Guest_imported]

Because, the client has to go through his router to get to the internet. There are muiltiple computer connected to that router, all sharing the same IP address.

I tried setting it up at my home on a cox@home cable modem that is behind a SMC barricade router. It didnt work at first. I then tried forwarding port 1723 to the inside ip address of my computer. I know that the GRE protocol always needs to get through, but couldnt find any settings on my router to allow GRE??? It stil didnt work... Then i setup my computer as the DMZ host and it worked.

What is going on?

mike

 

[ABCRich]

What type of router do you have? If the answer is a cellpipe 50, then it will never work. I suggest getting a DSL modem rather than a router, they seem to work better with VPNs.

 

[jeter]

ABCrich is correct the lucent cellpipe 50a will not work with vpn. You will need to purchase a Zyzel router and or get a ethernet dsl static modem. Jeter@LasVegas.com
J.Fisher CCNA

 

[Guest_imported]

Nah, Its a SpeedStream 5600 router. The router i tried at my office is a Netopia R7200. I couldnt get the VPN to work on either one. Maybe somehting i am doing wrong configuring the ports...

I couldnt get it to work on my SMC Barricade 7004 at home on a cablemodem because there was no way to allow the GRE protocl through. I had to set my computer as the DMZ host in order for VPN to work from there....

Mike

 

[Guest_imported]

I have the same problem. I have Cox@Home and have just re-installed Win2K. The rest of the connecting is the same (home to work behind a firewall).
I see that Cox has just implemented a "No VPN" policy in my area (New Orleans). I doubt that they can enforce this so quickly. Also, a friend who lives in a different part of the city can connect (also Cox@Home). However, this person 1) Is using NT4.0, and 2) Is on another node. Also, maybe the specific cable modem has something to do with it?

The error is that it will not create a secure connection. It authenticates the ID/PWD fine.

Any fresh ideas? I will try the DMZ host solution.