Server 2003 PPTP/VPN
Hi,I configured VPN using Routing and Remote access but with a set-back. Access from the internet can be established via a VPN tunnel into the Intranet without a glitch, but access from within the Intranet cannot access the internet. When I stop routing and remote access, clients from within the intranet can connect to the internet. When I restart RRA, I can no longer connect to the internet from within.Setup:Windows Server 2003 Enterprise edition.NAS-Port type = VPNTunnel Type = Point to Point Tunneling ProtocolAuthentication = MS-Chap V2Remote method of authentication = Windows authenticationEncryption 128 bitInternet inbound and outbound filters at defaultIntranet adapter = 172.16.0.xInternet adapter = 10.1.0.xDHCP on same server provides IP addressing for both the Intranet connections and incoming VPN connectionsInternet adapter connected to a D-link router
June 8th, 2008 6:02pm

Problem resolved.
Free Windows Admin Tool Kit Click here and download it now
June 8th, 2008 10:03pm

Dear customer: I am so glad to know you solved the issue by yourself. Could you tell us how you resolved the issue? If you share your steps with us, this can benefit other customers, Thanks. Rock Wang - MSFT
June 20th, 2008 10:11am

When I initially configured the VPN server, I selected "Remote access (dial-up or VPN)" which will allow only remote clients to connect to the VPN server through a secure VPN connection. In order to allow local clients to connect to the internet, it needs NAT. This option did not configure one.To make it quick and easy without having to manually configure NAT, I disabled routing and remote access and reinstalled (configured) it using the option " Virtual Private Network (VPN) access and NAT".
Free Windows Admin Tool Kit Click here and download it now
June 20th, 2008 5:59pm

Dear customer: Thanks for your great summary and knowledge sharing. Thank you, have a great day! Rock Wang - MSFT
June 21st, 2008 5:03am

Hi I've setup vpn same way as you have told me my friend. but i am able to connect with it form intranet by giving it's internal ip address 192.168.1.x and i am not able to access it from outside the building like from my home by givin it's external interface ip 58.65.17x.x will you plz tell me all steps that you follow to make your vpn work. i have two interface cards one for internet one for lan lan will use internet aswell plz guide me with all steps i am new to this thing. kindly help. regards imran shakir Assist. Network Engineer
Free Windows Admin Tool Kit Click here and download it now
July 31st, 2008 8:58am

Hello,You will need to give me a bit more detail on your setup. It may be something as simple as forwarding. What is the IP of your external NIC? f you have a router on the perimeter of your network, you will need to forward PPTP (Port 1723) to that nic. This way when you are accessing your VPN server from outside, your router will know where to send the request.
August 2nd, 2008 9:02pm

yeah kindly let me know what kind of information you want. my external ip address is 58.65.177.202 and my internal ip address is 192.168.1.10. it's windows 2003 enterprise server. this server's external interface 58.65.177.202 is connected with a zyxel router model prestige 334. router ip is 58.65.177.201 which is default gateway for my server external interface. kinldly let me know what thing is blocking outer user to access my server internal users can access it with 192.168.1.10 ip address thorgh vpn. but external user from external interface can't. best regards
Free Windows Admin Tool Kit Click here and download it now
August 4th, 2008 7:52am

hi on readin about vpn on internet i have seen gre and ip protocol 47 that needs to b run or open on server. kinldy let me know how to install this protocol ip 47 or how to open it or run it. and what is gre. may be these or any of these two is missing. regards
August 4th, 2008 8:08am

Your router must support gre protocol 47 and most do. Make sure you forward PPTP port 1723 to 58.65.177.202 and then give it a try.See page 18-7 on your Router's manual.Link: http://dl01.zyxel.com/DownloadLibary_ShortName/P-334W/user_guide/P-334W_3.60%20.pdfGood luck!
Free Windows Admin Tool Kit Click here and download it now
August 5th, 2008 4:16pm

i have forwarded port 1723 for ip 58.65.177.202 but still no luck.now what i have done.i have made my server domain controller by installing active directory on it. it's dns name is now vpn1.youpark.com and it's wins name is vpn1 i have created group vpnusers in it and i have created users and granted them access permission for vpn dailin. i'm not sure my router support 47 gre or not.now i'm goin to install vpn service again on my server with this new settings now see if it works or not. if something is missing in it kindly guide me.thanks for helpbest regardsimran
August 7th, 2008 7:21am

no still there's no successdoes any one know if zyxell prestige 334 support gre ip protocol 47 or not.and is there any one who know how to forward port on this router for vpn.regards
Free Windows Admin Tool Kit Click here and download it now
August 18th, 2008 2:46pm

I do not believe this router supports forwarding of the GRE IP protocol 47. The way Zyxel does their port forwarding is just by ports, not protocols. Their firewall based line is able to forward by protocols. I would suggest a Zywall 2, it is much better suited for small businesses then the 334. I would suggest calling their support line at 1-800-255-4101 (8am to 5pm PST) and talking to their tech support. They are very knowledgeable and have tested this before. They will tell you for sure if it can work or not.
August 18th, 2008 7:50pm

thanks for help scotty kindly tell me which routers are supporting pptp and gre 47 and are easy to configure. i will buy a new router. but kindly let me know which one is the best easy to configure and supports gre 47 and pptp. what routers are on the list or any website where i can find such routers list. regards
Free Windows Admin Tool Kit Click here and download it now
August 19th, 2008 7:52am

Sorry, I should check in more often. The link I supplied does show your router supports GRE 47 but I may be wrong. You may have a differnet revision. The Router Scotty refers to is located here: http://us.zyxel.com/web/product_family_detail.php?PC1indexflag=20040908175941&CategoryGroupNo=FF94F854-B6F1-47B7-BFB7-4660CF8649C8It seems a bit costly if you are simply using it for home use, but well worth the cost if you plan to use it for a small business. For testing purposes, I use an inexpensive D-Link router which goes for much less than the Zyzel 2.Make sure your permissions are set correctly and you have no firewalls enabled, or configure accordingly.Xsponder
August 19th, 2008 4:55pm

hiok fine. now i'm already askin for my office so this router will be used for an office vpn and i am not goin to purchase it personally my company will purchase it. i have sent them following list for recomended GRE/PPTP support Routers: p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in;margin-bottom:.0001pt;font-size:12.0pt;font-family:'Times New Roman';} a:link, span.MsoHyperlink {color:blue;text-decoration:underline;text-underline:single;} a:visited, span.MsoHyperlinkFollowed {color:purple;text-decoration:underline;text-underline:single;} @page Section1 {size:8.5in 11.0in;margin:1.0in 1.25in 1.0in 1.25in;} div.Section1 {page:Section1;} ol {margin-bottom:0in;} ul {margin-bottom:0in;} Zyxel GRE supported Router: ZyWALL 2 Plus http://us.zyxel.com/web/product_family_detail.php?PC1indexflag=20040908175941&CategoryGroupNo=FF94F854-B6F1-47B7-BFB7-4660CF8649C8 LINKSYS GRE support Routers: 1- WRV2002- WRVS4400N3- RVS40004- RV0xx Series5- WAG54G (UK/EU ADSL Gateway router)6- BEFVP41let me know if any of these isn't GRE/PPTP support enabled.ok now if we leave the router on a side for a moment and see what rest case is.i have a server. it is windows 2003 server and it has two interfaces.58.65.xxx.xxx that connects it with a router and that router is default gateway for this interface. router ip is 58.65.xxx.xxx default gateway of this 2003 server. it's 2003 enterprise server.second interface of this server is connected with a switch and it's ip is 192.168.1.2now kindly guide me how can i configure this machine as VPN Server in this way that my boss from anywhere should sit on his laptop and configure a vpn client to connect to server 58.65.17x.xxx provide username and password and connect with this server as vpn client. then he should be able to browse other computers on this LAN that server is on 192.168.1.2 this lan contain 30 computers. so if any vpn client connects with this server he should be able to have access to this lan pcs. you know what i mean that is the purpose of setting up vpn connection. kindly note that this server is capable of remote desktop i do it from home and it is fine with it. kindly guide me what i have to do to make it vpn server? that it fulfil the above need.regards and thanks for help, it's really great.
Free Windows Admin Tool Kit Click here and download it now
August 20th, 2008 9:14am

hi ok i give you my server administrator password you login to this machine remotely and see if i have done any mistake in vpn server configuration or you may reinstall vpn server on it kindly let me know your email id so that i can send you password for my server. can't type it here then any one can login to my server. kindly let me know about it. regards
August 21st, 2008 7:08am

hii've configured a vpn server and it's working very well. the only issue is that it allows me only two vpn connections. can i increase the number of vpn connections? any setting for it ?
Free Windows Admin Tool Kit Click here and download it now
September 1st, 2008 1:42pm

is there a way of doing this with one NIC instead of two?
September 26th, 2008 11:24pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics