VPN, Windows 2000 Server and a Linksys BEFSR41

[alder99]

Greetings all,
ok.. here's what I got. a DSL connection, a Linksys DSL router BEFSR41, and a Windows 2000 Server behind it.

Me? a laptop with Windows 2000 Pro.

DHCP is provided by the Linksys router.

-----
All I want to to is connect to the W2K server from any location using the VPN connection/client provided by Windows 2000 Pro

If I understand it right... I've set the router to forward ports 1723 and 47 to the Windows 2000 server..

when I"m at a remote location. and connected to the Internet via dialup or office connection...I can call to the server it picks up bit I cannot seem to get it to autenticate..

the error message I get is:
Error 930: The authentication server did not respond to authentication requests in a timely fashion.

Anyway.. I just would like to know if there is anyone who was able to get this to work... and if possible some simple instructions or links...

Linsys documentation is bad and Microsoft documentation requires a paralegal..

Please help.. thanks.

 

[Guest_imported]

TCP port 1723 is correct. TCP port 47 is NOT correct. It is IP protocol 47. On the Linksys, look for PPTP passthrough and make sure you have that enabled. I know the Linksys has that feature. This will pass through IP protocol 47.

 

[alder99]

Oh IC.. so it's at just port 1723 only.. and turn on the pptp

ok.. I took care of that already...
now is there something simple to do on the Server side so people with local or domain accounts can log in?

are there any things I should be aware of..

Any help is greatly appritiated..

 

[shemfoo]

I'd imagine what worked under NT4 should work the same. make sure the user has dial-in permissions, and make sure dialed-in clients have access to the entire network rather than the server.
have fun!

 

[thadaeus]

Did you ever get this working? I basically have the same setup and got mine to work. On the client side, change the security properties from auto-negoiate to PPTP. It worked for me.

 

[BigBHaller]

I just got it working. I have Windows 2000 Server (SP2) with a single NIC behind a LinkSys cable router.

1) I setup the router with PPTP and IPSec (even though, I am not using IPSec as of yet) passthrough.

2) I forwarded port 1723 to the internal NIC address of the server.

3) Opened Routing and Remote Access console and configured the server as a VPN server.

4) Went through the router and selected to use DHCP server (which is the same as the VPN server), and "No Internet Connection" when setting up the Internet NIC (this is because I only have one NIC).

5) When completed with the wizard, I opened up IP Routing and right clicked on DHCP Relay Agent and specified both the server's NIC address (192.168.0.10) and the loop back address (127.0.0.1) just to be safe. It could probably use one or the other, but I did both.

6) By default, the VPN is setup with 256 ports for both PPTP and L2TP. Since the router cannot pass L2TP packets, I reduced to ports to 1. I also reduced the ports for PPTP to 5, since I won't be using up to 128.

7) I narrowed down the permissions in the Remote Access Policies section. I added "Windows-Group matches" my domain groups. And I changed the profile (Edit Profile button) to include VPN as a dial in media.

I hope this helps anyone who has had trouble with this. I know it took me a while to get the right combination of variables. And I was considering purchasing the VPN router model instead. But this will save me about $120. Good luck.