VPN

[crmayer]

I am trying to VPN from a client on the inside of my private network to a VPN server on the outside. They (the outside server people) are telling me that I need to open ports and map things to this client. I was thinking that once the VPN connection is established that I would not have to open anything. They tell me that I need to map TCP 1723, GRE Protocol 47. Does anyone know if I really need to do this?

The problem is that once I am connected I can not ping anything on there network.

 

[pmf71]

Well if you only make a vpn connection from inside to outside, you dont need to map ports. To be on the safe side you can map the GRE protocol, and tcp port 1723 to your internal IP.
If you are able to connect but can'tping anyone on the other side, then the problem is most likely on the other side, It's possible the VPN server config doesn't support NATTED encrypted packets. If the other side is running the windows 2000 server VPN server, upgrade it to service pack 4, that might help.

A better (and most definately the safest) way of making a vpn connection is by configuring an IPSec policy on the gateways, if the gateway is a win2k machine (pro or server). see the microsoft knowledgebase for more info on IPSec policies.

 

[crmayer]

Thanks for the reply. It turned out that once I unchecked the check box for "use remote gateway" everything worked fine. If I use my gateway I am able to connect and everything worked fine.

Thanks again for the help.