Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN win2k server PPTP

Status
Not open for further replies.
ccicg

ccicg

IS-IT--Management
Apr 2, 2002
14
US
Windows 2000 server that is not a domain controller. Can VPN to the box using PPTP, mschap v2..... anyhow, it seems like the file security is using the username and password for the computer account that is logging into the server, not the vpn connection. I want the cilients to be able to vpn to the box from a home computer and the file security is checked by the login user and pass from the vpn client. Does that make any sense? Say I have a win2k box and I am logged in as "joe", then i vpn to a box with username "john". I cannot access the files that have security set only for "john". But if I log into my local box with username "joe" and then vpn with username "joe" then I have access to those files. This is a problem because remote users need to be able to vpn to that box using whatever machine they choose.

Thanks for any info,
Hope I don't feel dumb after writing this!
 
Sort by date Sort by votes
Try using L2TP rather that PPTP, L2TP uses better security so should stop and ask them for a user name and password, at this point they should be able to enter the correct details to get access to the files needed.

i think.... Mac [pipe]
MCP, MCSA, MCSE (NT4), MCSE (W2K), CTT, MCT
mac@suicidal.co.uk

Glad to be of service.
 
Upvote 0 Downvote
i was planning on using L2TP, but this problem is bugging me still. thanks for the suggestion
 
Upvote 0 Downvote
Hi all,
I also have a similar situation of VPN setup on a W2K server in a workgroup. I have a firewall(Zone Alarm) on server which is stopping the incoming connections. How do I configure to allow PPTP incoming connections?

ppc2k
 
Upvote 0 Downvote
PPC2k, you will have to tell Zone Alarm to allow data on port 1723. Port 1723 is used by microsoft for PPTP. Try that.
 
Upvote 0 Downvote
HI,
Thanks blubomber..
I mailed them about that. I did not see any setup options on ZoneAlarm to allow port 1723 to open. Is there any other VPN/Firewall hardware solution that I can hook up to my Win 2K server and configure RRAS for VPN access? All I need is a firewall for server and which allows VPN connections to pass through it for clients to connect.

Thanks,
ppc2k

 
Upvote 0 Downvote
Hi PPC2k,

How do you connect to the Internet? DSL, T1?

You can buy a stand alone small box that would hook up to your internet connection that will allow VPN. There are alot of choices out there, Linksys, Cisco, SnapGear, etc. You will have to do some research on each to fit your needs. Some charge for each client connection to the VPN while others dont. These VPN devices can also be a firewall, router and switch. If you get one, you will not need a RRAS server.

Or, you can choose to setup a RRAS server with 2 NIC cards and use that for your VPN. I would also recommend, if you are going to use RRAS, that you purchase ZoneAlarm Pro to handle the firewall duties since the RRAS server will be hooked directly to the Internet.

My personal situation is that i have a Cisco 1605 router that does not allow, to the best of my knowledge, client VPN connections. The router is also a firewall. I tried to setup RRAS on the inside of the router to allow VPN but, i could not get my router let the data through. I was using NAT on the router for port 1723 but i could never get a connection with the RRAS. From the reasearch i did, you cannot do VPN using NAT.

Hope i have helped you out and given you some ideas.

blubomber
 
Upvote 0 Downvote
Thanks again blubomber,

I was researching on various options today and ZoneAlarm.
My win2K server is on peer n/w with ICS enabled. we have T1 and public IP. I am currently running ZoneAlarm Pro trial.
Just now, I found out how to open ports 1723 and 47 for PPTP in/out bound connections in ZoneAlarm.
Yet to try if that works out for me.

Thanks,

ppc2k
 
Upvote 0 Downvote
A cheap option for a VPN passthrough is a Watchguard SOHO box which will allow Win2k to passthrough without having to buy the VPN option, however, the VPN options on this if you buy them are way more secure than using the PPTP on Win2k, there are better options like checkpoint vpn-1 but thats a little expensive.

Hope this helps some

Marie
 
Upvote 0 Downvote
blubomber,
I got it all working except that VPN clients could not see any other computers in workgroup and I can share only VPN server's shares. I could browse internet on client after taking off the option in TCP properties as said in MS articles. What do I need to do to get browsing in network.

Zonealarm allows VPN connections, I had no problem. I used PPTP.

Thanks,
ppc2k
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
212
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
261
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
309
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
223
antonio_dsanchez
antonio_dsanchez
jamescpp
  • Locked
  • Question
Windos OpenSSH server vulnerability
Replies
0
Views
251
jamescpp
jamescpp

Part and Inventory Search

Sponsor

Back
Top